Security Bulletin

An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.

Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius.

In recognition of 21 generative AI risks, the standards groups recommends that companies take separate but linked approaches to defending GenAI and agentic AI systems.

As the healthcare industry undergoes rapid digital transformation, learn how to secure your organization against evolving cyber threats and align with the updated HIPAA Security Rule through Cisco’s specialized Zero Trust approach.

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe mobile OS-cracking tool.

As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises.

"Skull vibration harmonics generated by vital signs" can be used to sign in to VR, AR, and MR headsets, according to emerging research.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open-source artifacts across containers, libraries, Actions and skills.

Explore how Cisco Duo bridges the gap between robust zero-trust authentication and essential NIST framework requirements to strengthen cyber resilience in the public sector.

Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.