Security Bulletin

DomainTools discovered the group “Horrid” while investigating a bulletproof hosting service.

The firing of NSA Director Gen. Timothy Haugh will make the nationa "less safe," say top Dems.

Hotel and casino operations for the Lower Sioux Indians have been canceled or postponed, and the local health center is redirecting those needing medical or dental care.

Shifting to a RaaS business model has accelerated the group's growth, and targeting critical industries like healthcare, legal, and manufacturing hasn't hurt either.

Layoffs may cause short-term disruptions, but they don't represent a catastrophic loss of cybersecurity capability — because the true cyber operations never resided solely within CISA to begin with.

Hoxhunt's artificial intelligence-based spear-phishing agent JKR has become 24% more effective in establishing simulated phishing campaigns than human red teams, which were 10% and 24% better than their AI counterparts in tests conducted in November...

Mounting economic uncertainty brought upon by President Donald Trump's tariffs on all goods imported to the U.S. are expected by Tenable co-CEO Steve Wintz to fuel more illicit cyber activity from its adversaries, Nextgov/FCW reports. "There's a...

Infosecurity Magazine reports that Washington State K-12 school district Highline Public Schools has acknowledged having had sensitive information from its students and faculty members stolen following a ransomware attack in September that resulted...

Officials at Texas' City of Lubbock have confirmed that data from 12,503 individuals have been compromised following a cyberattack against its utility payment website, according to The Record, a news site by cybersecurity firm Recorded Future.

South Korean artificial intelligence firm AI-NOMIS had 47.8 GB of data with 93,485 explicit AI-generated images depicting underage individuals and JSON files belonging to its AI image generator platform GenNomis inadvertently exposed by a...

BleepingComputer reports that Amazon Web Services, Google, Microsoft Azure, Hadoop, and other big data platforms could be subjected to significant compromise through the exploitation of a maximum-severity remote code execution vulnerability impacting...

Nearly 50 online merchants have already been compromised in intrusions exploiting Stripe's legacy application programming interface "api.stripe[.]com/v1/sources" for payment data validation part of an advanced web skimmer campaign that has been...