Security Bulletin

The threat actor retrieves resources and payloads from smart contracts on the Binance Smart Chain.

CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.

Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.

Several major companies in the finance sector were impacted by the third-party breach, prompting them to notify thousands of customers of their compromised data.

An exclusive conversation with SC Media and cybersecurity venture capitalist Bob Ackerman explores the deal’s impact on hybrid cloud, AI, and the future of M&A.

Affected organizations running repos in GitHub should assume compromise and rotate secrets immediately.

The acquisition signals a shift toward real cloud security, as enterprises demand solutions that stop threats — not just check compliance boxes.

Research finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.