Security Bulletin

Overview DNSSEC-signed zones offer protection against response spoofing to both DNSSEC-validating resolvers and authoritative DNS zone operators who choose to sign their published zones. NSEC and NSEC3 are the mechanisms within DNSSEC used to provide...

Despite possibly supplanting some young analysts, one Gen Z cybersecurity specialist sees AI helping teach those willing to learn and removing drudge work.

Previously, we provided full text copies of the release notes for each version of Kea here in our KB. However, since they are always available directly from our downloads site at https://downloads.isc.org/isc/kea/ and Read the Docs, we felt it would...

A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks.

For the first time ever, the National Football League (NFL) played on Spanish soil – and Cisco played a key role in bringing one of the world’s most famous sports to one of sports’ most famed venues.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

A threat actor is leveraging a flaw in the Ray framework to hijack AI infrastructure worldwide and distribute a self-propagating cryptomining and data theft botnet.

The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers.

This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said.

Advancements in vision language models expanded models reasoning capabilities to help protect employee safety.

Millions of hours wasted in traffic and unacceptable fatality rates are challenges transportation agencies face globally. At the recent ITS World Congress, Cisco showcased how we're powering Intelligent Transportation Systems for a safer, greener...

We continue to encounter high-profile vulnerabilities related to the use of URL mapping (or "aliases") with URL-based access control. Last week, we wrote about the Oracle Identity Manager vulnerability. I noticed some scans for an older vulnerability...