Security Bulletin

StateScoop reports that increasingly prevalent cybersecurity threats against Texas have prompted Gov. Greg Abbott to approve legislation establishing a new state Cyber Command at the University of Texas at San Antonio.

Congress has been urged by Federal Trade Commission Chair Andrew Ferguson to bolster its version of the Children's Online Privacy Protection Rule as the agency intensifies its clampdown on erring websites and service providers under its recently...

Valid account credentials without multi-factor authentication continued to be the dominant initial access vector in cyberattacks last quarter, accounting for 56% of all cybersecurity incidents during the first three months of 2025, Infosecurity...

Threat actors could remotely compromise almost 35,000 internet-exposed solar power systems around the world, reports Cybersecurity Dive.

SecurityWeek reports that the industrial sector has been primarily infected with the Win32.Worm.Ramnit, Trojan.scar/shyape, Trojan.lokibot/stealer, and Win32.Worm.Sohanad malware between October 2024 and March 2025.

Nearly 15% of all global distributed denial-of-service traffic has been directed at the U.S., making it the third most DDoS attack-targeted country behind only India and China, Hackread reports.

Ukraine's Military Intelligence Service, or HUR, has taken credit for compromising major Russian aerospace and defense firm Tupolev in an attack, which purportedly led to the theft of over 4.4 GB of classified data, according to the Kyiv Post.

Major U.S. local newspaper publisher Lee Enterprises had information from 39,779 individuals, including their Social Security numbers, compromised as a result of an attack by the Qilin ransomware-as-a-service operation in February, which allegedly...

Cybernews reports that American Hospital Dubai, the leading private healthcare provider in the United Arab Emirates city, was claimed to have had 450 million patient records stolen following an attack by the newly emergent Gunra ransomware gang.

CISA has added one new vulnerability to its  Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability This type of vulnerability is a frequent...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CyberData Equipment: 011209 SIP Emergency Intercom Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing...

CISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-155-01 CyberData 011209 SIP Emergency...