Security Bulletin

Megjelent a 2025. 40. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.09.26. és 2025.10.02. között kezelt incidensek, valamint az elosztott kormányzati IT biztonsági csapdarendszerből (GovProbe1) származó adatok statisztikai eloszlását is...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

With nearly 47,000 CVEs expected by the end of the year, organizations must balance comprehensive vulnerability management with strategic cyber insurance policy selection to effectively navigate this rapidly evolving threat landscape.

The NFL's cyberattack surface is expanding at an unprecedented rate. To find out more, we spoke with a cyber defense coordinator from the Cleveland Browns.

A threat actor claimed 28,000 private repositories had been compromised, and the Linux software maker said it had "initiated necessary remediation steps."

Cybersecurity Awareness Month is here, and so are our tried-and-true offers to help you leap to the forefront of cyber tech. There’s never been a better time to find your place in cybersecurity or take your career to the next level. This month, it’s...

I have been writing about the ".well-known" directory a few times before. Recently, about attackers hiding webshells [1], and before that, about the purpose of the directory and why you should set up a "/.well-known/security.txt"...

With SMS, voice, and QR-code phishing incidents on the rise, it's time to take a closer look at securing the mobile user.

Discover how states can leverage $50 billion in federal funding to modernize rural healthcare through secure, scalable digital infrastructure—and why timely action is critical to transform care for millions.

Zero trust architecture reduces industrial cyber risks. Learn how Cisco helps secure OT networks at scale without disrupting production.

The long-running South Asian advanced persistent threat (APT) group is advancing its objectives against Pakistani targets, with a shift to deploying Python-based surveillance malware.

In a clever, messed-up twist on brand impersonation, attackers are passing off their spyware as a notorious UAE government surveillance app.