Security Bulletin

Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows.

Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products and integrations are eligible for...

Here’s a three-step approach any company could adopt for managing the current crisis in the aftermath of the terrorist attack in Israel.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Microsoft fixed 103 vulnerabilities in its October Patch Tuesday release, including fixes for two zero-days actively exploited.

Companies with customers in California need to prepare for a new process for demanding deletion of personal data.

A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.

Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments.

Google has begun implementing passkeys by default after gradually rolling out the authentication approach to Chrome and Android and later to user accounts and Google Workspace during the past year, reports SiliconAngle.

TechCrunch reports that security orchestration, automation, and response platform developer Revelstoke is set to be purchased by cybersecurity firm Arctic Wolf in a bid to facilitate accelerated and more comprehensive cyberattack detection and...

Microsoft has announced plans to remove the VBScript programming language, which was initially bundled with Internet Explorer, in future Windows releases after three decades of usage, BleepingComputer reports. "VBScript is being deprecated.

New Magecart attacks involving the alteration of default 404 error pages to hide malicious code have been deployed against numerous Magento and WooCommerce sites, including those of food and retail industry entities, The Hacker News reports.