Security Bulletin

The National Institute of Standards and Technology (NIST) released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.

Quantum computers could arrive any day, yet it'll take years to swap out vulnerable encryption algorithms for "quantum-safe" replacements. Here's why and how to start the transition now.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.

In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.

AI has accelerated text and voice-based scams – here’s how security teams can protect identities.

Today, I noticed increased scans for the VMWare Hyprid Cloud Extension (HCX) "sessions" endpoint. These endpoints are sometimes associated with exploit attempts for various VMWare vulnerabilities to determine if the system is running the extensions...

The executives will be investigated under Spain’s “discovery and disclosure of secrets” law.

The flaw compromises Perforce’s core authentication protocol.

The package impersonated popular Python libraries such as python-utils and utils.

Investment scams were the most financially damaging, accounting for $5.7 billion in losses.