Security Bulletin

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 95057C-FTHTWXCT11 Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION...

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This...

Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service...

Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.

A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

APT28 aims to infiltrate the networks of military groups and private contractors.

The success of Cisco’s future-proofed workplaces is powered by more than just technology. Behind the scenes, it’s the relationships between our Workplace Resources (WPR,) IT, Sales, and Product teams that are breaking through organizational silos to...

Cisco needed to modernize its underutilized and outdated real estate portfolio to support new and future ways of working. By leveraging its own, unique networking and collaboration technologies,… Read more on Cisco Blogs

The latest version puts more emphasis on supply chain and AI agent security.

Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.

The FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world.