Security Bulletin

Former National Cyber Director Chris Inglis warns that cyber attacks threaten hospitals, utilities and essential services.

Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.

"Ghost-Sender" uses Exchange Online or on-premises in hybrid mode with a third-party mail server or spam filter to achieve this level of spoofing.

The attacks stemmed from a GitHub account that was also compromised in a previous Miasmi attack on Microsoft last month.

Microsoft today released patches for 204 vulnerabilities. 38 of these vulnerabilities are considered critical, and three have been disclosed before today. Six of the vulnerabilities affect Microsoft cloud solutions and do not require any user action...

Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.

Discover how AI-driven vulnerability discovery is reshaping the cybersecurity landscape. Learn why foundational hardening and proactive threat detection are now essential for defending against zero-day threats in the post-AI era.

Discover how Cisco Cloud Control and LiveProtect unify security and networking to protect infrastructure. Learn how our latest innovations and stacked partner incentives can drive operational simplicity and maximize your profitability today.

Discover how Cisco's marketing RevOps team built an AI enablement playbook to scale innovation securely—turning AI strategy into real-world impact.

Simplify your security with Cisco SASE with Meraki. Easily integrate SD-WAN with SSE for fast, automated protection across your hybrid network.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

AI-generated content threatens credibility in cybersecurity. This "Ask the Expert" column explores why human oversight matters and how to maintain authentic narratives.