Security Bulletin

U.S. multinational industrial technology firm Sensata Technologies has confirmed that its manufacturing, shipping, and other operations were temporarily affected by a ransomware attack against its systems on Sunday, which has yet to be admitted by...

Lovable AI most likely to be harnessed in phishing App building generative artificial intelligence platform Lovable was significantly more vulnerable to being jailbroken to facilitate phishing campaigns, compared with Anthropic's Claude and OpenAI's...

More than 400,000 small and medium-sized business websites have already been targeted by the new artificial intelligence-based AkiraBot spamming tool since September, at least a fifth of which have been bombarded with contact forms and chat widgets...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Matthew Gorman, an ISC intern as part of the SANS.edu BACS program]

Google will combine existing services bundled with cybersecurity firm Mandiant.

Google Unified Security brings together threat detection, AI-powered security, secure browser features, and Mandiant services, the company said at its Cloud Next conference.

The security teams associated with the 2024 Olympic Games in Paris focused on in-depth penetration testing, crisis management exercises, and collaboration to defend against potential cyberattacks.

A review of the emails involved in the breach is still ongoing, but what has been discovered is enough for the Treasury Department to label it a "major cyber incident."

Attacks on a critical authentication bypass flaw in CrushFTP's file transfer product continue this week after duplicate CVEs sparked confusion.

Several RansomHub affiliate chat portals reportedly went offline last week.

Cybersecurity and policy experts worry that if tariffs give way to a global recession, organizations will reduce their spending on cybersecurity.