Security Bulletin

Officials at South Africa's National Health Laboratory Service have announced plans to restore the operations of some services disrupted by a recent ransomware attack claimed by the BlackSuit ransomware gang by the middle of the month as the country...

The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks.

Hong Kong-based computer hardware manufacturer Zotac had more than 20,000 data entries, including return merchandise authorization files, serial numbers, and personal details accidentally leaked after being uploaded to a publicly accessible file...

BleepingComputer reports that Ticketmaster had 38,745 tickets for 154 concerts and events from its print-at-home ticketing solution TicketFast exposed by Sp1d3rHunters after the ticketing giant dismissed the attackers' initial leak of 166,000 Taylor...

Neiman Marcus was reported by Have I Been Pwned founder Troy Hunt to have had more than 31 million email addresses compromised in a May data breach, which the U.S. luxury retailer disclosed in a filing with Maine regulators to have only impacted 64...

SecurityWeek reports that intrusions involving the exploitation of a format string injection vulnerability in the widely used general document conversion toolkit Ghostscript, which could be used to achieve remote code execution, have already been...

AI without security poses significant risks, including data compromise and manipulation. Cisco encourages partners to prioritize security by design, transparency, and continuous monitoring to ensure AI's safe and effective integration into our lives.

More Latin American financial organizations have been subjected to intrusions involving the Mekotio banking trojan, also known as Melcoz, aimed at banking credential exfiltration, The Hacker News reports.

Cybersecurity investments reached $3.3 billion during the second quarter of this year, which was 71% higher than the same period last year.

Attacks leveraging cloud services and resources have been deployed by the novel CloudSorcerer advanced persistent threat operation against Russian government organizations, reports SiliconAngle.

Such a breach, which the BlackSuit ransomware group claimed to have resulted in the theft of 1.2 TB of data, "has endangered the safety and well-being of millions of public health patients."