Security Bulletin

The Register reports that U.S. insurance and advisory services provider Hilb Group had 81,539 individuals' personal data compromised following a breach of employee email accounts earlier this year.

Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.

Ransomware attackers have reportedly targeted India-based IT consulting firm Infosys' U.S.-based subsidiary McCamish Systems, The Times of India reports.

Allied Pilots Association, the pilot union of American Airlines with over 15,000 members, had some of its systems encrypted following a ransomware attack, which was initially discovered on Oct. 30, reports The Record, a news site by cybersecurity...

Singaporean public health organizations had their internet connectivity disrupted by ongoing distributed denial-of-service attacks from a still unknown threat actor, according to The Record, a news site by cybersecurity firm Recorded Future.

Threat actors could leverage Apple's "Find My" location network used for locating lost Apple devices to facilitate the exfiltration of keylogger-stored information, BleepingComputer reports.

Zero-day exploitation around the world was observed by the Cybersecurity and Infrastructure Security Agency to have significantly increased during the past month, with CISA Associate Director for Capacity Building Michael Duffy noting its impact on U...

Learn how to connect to the cloud, no matter your current skill level. Explore all-new tutorials on cloud connectivity, upcoming releases, and the ENCC Specialist certification, available now as a concentration exam in the CCNP Enterprise...

BleepingComputer reports that persistent exploitation of Discord's content delivery network to facilitate malware hosting and distribution has prompted the instant messaging and VoIP social platform to deploy a new 24-hour expiration limit for all...

Android virtual private network apps in Google Play that have been subjected to a Mobile Application Security Assessment will have their Data safety section include the new "Independent security review" badge as part of Google's efforts to enhance...

Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2.

With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.