Security Bulletin

Cybercriminals are flocking to take part in the newly inflamed fight between India and Pakistan.

The voluntary Software Security Code of Practice is the latest initiative to come out of the United Kingdom to boost best practices in application security and software development.

Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.

Remote code execution possible of SAP NetWeaver Visual Composer flaw rated 10.0.

On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges...

The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.

The investigation is ongoing, but the VC giant intends to inform affected customers on a rolling basis as more of the breach details come to light.

Your ultimate goal shouldn't be security perfection — it should be making exploitation of your organization unprofitable.

Quantum encryption has been established by only 5% of U.S., UK, and Australian businesses so far even though 69% believe that cryptographically relevant quantum computers are imminent within the next five years, reports Infosecurity Magazine.

SecurityWeek reports that fixes have been released by SonicWall to address a trio of vulnerabilities impacting its Secure Mobile Access 100 series appliances.

Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure...

TechCrunch reports that Insight Partners a venture capital firm with over $90 billion in regulated assets under management has confirmed the compromise of data belonging to an unspecified number of individuals as a result of a January cyberattack.