Security Bulletin

This Tech Tip outlines how enterprise defenders can mitigate the risks of the curl and libcurl vulnerabilities in their environment.

Liquidity mining scam puts cruel new spin on Chinese cryptocurrency fraud, with a dash of AI chat.

A plurality of the targets in the ongoing campaign have been based in the Americas.

Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.

Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming. language.

Patches have been released by Citrix for a critical flaw affecting NetScaler Application Delivery Controller and NetScaler Gateway instances, which could be exploited to facilitate the disclosure of sensitive data without any authentication...

Newly developed cybersecurity guidelines from the U.S. Department of Treasury, Cybersecurity and Infrastructure Security Agency, National Security Agency, and the FBI tackling open source software usage in industrial control systems and operational...

CyberScoop reports that two security vulnerabilities impacting the open source curl and libcurl programs were significantly less threatening than originally thought, with the more severe flaw that affects curl and its connection with the SOCKS5 proxy...

Attacks targeting a high-severity use-after-free Adobe Acrobat Reader flaw, tracked as CVE-2023-21608, have prompted the inclusion of the bug in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, reports...