Security Bulletin

Citrine Sleet's intrusion against Radiant Capital commenced in September with the spoofing of a former contractor on Telegram to lure a Radiant developer into downloading a ZIP file featuring a decoy PDF file and the InletDrift macOS malware, which...

"...[A]ny disruptions in interaction with our consumers are the result of protective measures for internal infrastructure. These measures are temporary and are designed to ensure the security of the entire system," said Electrica Group.

Infiltration of a single user's email in a phishing attack between May 8 and May 9 allowed threat actors to compromise individuals' names, addresses, Social Security numbers, contact information, financial account details, health information...

The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks.

Numerous servers belonging to Kurita America have been compromised with ransomware beginning Nov. 29, resulting in the exfiltration of data belonging to its customers, employees, and business partners, according to a statement from the company, which...

Attackers were also able to exfiltrate and encrypt certain files as a result of the systems breach, said Artivion in a filing with the Securities and Exchange Commission, which noted that efforts to recover systems that have been shut down following...

Banking trojan gives attackers access to corporate credentials, apps, and data when employees run remote access sessions on their Androids.

Today, we face a formidable challenge: what was once a tool intended for seamless interaction has now become fertile ground for cyber threats and malicious actors.

Microsoft today released patches for 71 vulnerabilities. 16 of these vulnerabilities are considered critical. One vulnerability (CVE-2024-49138) has already been exploited, and details were made public before today's patch release.

Because the streaming service website offers no content restrictions, attackers are able to hijack and manipulate live streams.

The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.

Discover Cisco's New Hire Learning Plan from the Cisco Black Belt Academy, empowering new talent with essential skills and knowledge for success through modular, interactive training and expert support. Join us in shaping future leaders.