If you don’t look inside your environment, you can’t know its true state – and attackers count on that
Workers frustrated with security-first changes to workflows and teething issues Exclusive Seven months after a landmark cyberattack, the UK's Legal Aid Agency (LAA) says it's returning to...
The malicious scripts and phishing pages led the threat categories in terms of both the percentage of ICS computers on which this threat was blocked and the growth rate.
Tenable is expanding its partnership with the U.S. federal government by supporting the U.S. General Services Administration OneGov initiative. Through this collaboration, federal agencies can now...
U.S. government agencies face unique challenges as they adopt cloud technologies to meet digital modernization initiatives and adhere to a cloud-first policy. Here’s how Tenable Cloud Security...
01flip is a new ransomware family fully written in Rust. Activity linked to 01flip points to alleged dark web data leaks.
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here's what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being...
SEOUL, Dec 10 (Reuters) - South Korea's biggest online retailer Coupang said on Wednesday that CEO Park Dae-jun has resigned, taking responsibility for a huge data breach at the company that has...
React is a popular JavaScript library used to build modern, interactive web interfaces. It helps developers create UI components that update efficiently when data changes. React runs mostly in the...
React is a JavaScript library used to build interactive user interfaces using reusable components. React Server Components (RSC) extend this model by allowing certain components and logic to run...
The no-code power of Microsoft Copilot Studio introduces a new attack surface. Tenable AI Research demonstrates how a simple prompt injection attack of an AI agent bypasses security controls,...
A data breach involving Tris Pharma was reported in December 2025. See incident details, impact on customers, and recommended security measures.
A data breach involving Barts Health NHS Trust was reported in December 2025. See incident details, impact on customers, and recommended security measures.
Splunk disclosed high-severity vulnerabilities in Windows Enterprise and Universal Forwarder on Dec 3, 2025. See affected versions and remediation steps.
A security incident involving React was reported in December 2025. See incident details, impact on customers, and recommended security measures.
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array...
New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has...
Explores Palestine Action’s post-designation global network, tactics, and targets, and evaluates key physical risks and mitigations for organizations.
Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly. The post Attacks pinned to critical React2Shell defect surge, surpass 50...
More than half of internet-exposed instances already compromised Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn't...
Daryna Antoniuk reports: Spanish law enforcement has arrested a 19-year-old man in northeastern Spain for allegedly stealing and selling about 64 million personal data records siphoned from nine...
Officials in Cambridge, Massachusetts, and Eugene, Oregon, found that some Flock Safety license plate readers were still active after the municipalities asked for services to be terminated.
Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification that could expose a local...
The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility A Ukrainian woman accused of hacking US public drinking water systems and...
Devs and users should know better, Microsoft tells watchTowr Security researchers have revealed a .NET security flaw thought to affect a host of enterprise-grade products that they say Microsoft...
Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities...
The names of two partial owners of firms linked to the Salt Typhoon hacker group also appeared in records for a Cisco training program—years before the group targeted Cisco’s devices in a spy campaign.
Read how two Cisco Network Academy Cup winners went from students to operators behind Salt Typhoon, a global cyber espionage campaign targeting telecoms.
What a year’s worth of awards mean to us and, more importantly, to your SOC