Security Bulletin

Microsoft has announced plans to remove the VBScript programming language, which was initially bundled with Internet Explorer, in future Windows releases after three decades of usage, BleepingComputer reports. "VBScript is being deprecated.

New Magecart attacks involving the alteration of default 404 error pages to hide malicious code have been deployed against numerous Magento and WooCommerce sites, including those of food and retail industry entities, The Hacker News reports.

Spain's third-largest airline Air Europa had its customers' credit card information compromised following a cyberattack against its systems, according to BleepingComputer.

Global UK-based electronic connector manufacturer Volex had some of its IT systems and data around the world compromised following a cyberattack over the weekend, reports The Record, a news site by cybersecurity firm Recorded Future.

Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.

Google, Cloudflare, and Amazon Web Services were able to avert record-breaking layer 7 distributed denial-of-service attacks leveraging the new HTTP/2 Rapid Reset technique that peaked at 398 million, 201 million, and 155 million requests per second...

CyberScoop reports that suspected Israel-linked hacking group Predatory Sparrow has reemerged after an almost year-long hiatus amid the ongoing conflict between Israel and the Palestinian military group Hamas.

Vulnerable Atlassian Confluence Data Center and Server instances have been targeted by Chinese state-backed threat operation Storm-0062, also known as DarkShadow and Oro0lxy, in ongoing attacks exploiting a zero-day flaw, tracked as CVE-2023-22515...

Numerous biomedical, IT, and manufacturing entities in the U.S., Taiwan, Vietnam, and an unspecified island in the Pacific have been subjected to cyberespionage attacks by the newly discovered state-sponsored threat operation Grayling from February...

The Cisco Black Belt Partner Listening Program is a comprehensive initiative designed to foster a deeper understanding of partner needs and preferences within the dynamic technology industry. It represents a holistic approach that recognizes the...

Cisco's $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter.

CISA flags use-after-free bug now being exploited in the wild.