Security Bulletin

Officials at Baltimore's Arundel County have disclosed that data belonging to patients served by its Health Department may have been stolen following a ransomware attack earlier this year, CBS Baltimore reports.

A 2025. 20. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.05.09. és 2025.05.15. között kezelt incidensek statisztikai adatait is tartalmazza.

Even after their zero-day turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The rollout of new rules around the Cybersecurity Maturity Model Certification by the U.S. Department of Defense is pushing government contractors to upgrade their internal security practices and protections

The malicious package also uses Unicode steganography to evade detection.

Discover how Cisco Networking Academy is empowering the next generation of tech leaders with accessibility at the forefront.

Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.

The startup, which previously launched the Acra platform, aims to address data management issues by isolating and compartmentalizing access to reduce fallout from system compromises.

Fraudsters worldwide apply for money from the US government using stolen and forged identities, making off with hundreds of billions of dollars annually.

CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild.