Greater recognition of the fragility and interdependence of critical manufacturing systems is reflected in the move toward sustainable... The post Sustainable cyber risk management emerges as...

Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat...

Quorum Cyber identifies two new NodeSnake RAT variants, strongly attributed to Interlock ransomware, impacting UK higher education and local government.

A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their malicious software stayed...

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. [...]

The latest episode of the Sustain podcast features Kade Morton from Arachne Digital, and it’s a grounded conversations about cybersecurity and open source.In the episode, Kade talks candidly about...

AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said. The...

AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said. The...

The wrong way to get out of Trump's America.

A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification...

The 28-year-old, who’d been employed by the Defense Intelligence Agency since 2019, specialized in insider threats and had top secret security clearance, officials said. The post US intelligence...

The 28-year-old, who’d been employed by the Defense Intelligence Agency since 2019, specialized in insider threats and had top secret security clearance, officials said. The post US intelligence...

Three hospitals run by Catholic healthcare organization Covenant Health are dealing with a cyberattack that forced the facilities to shut off all access to data systems.

Plus: An Iranian man pleads guilty to a Baltimore ransomware attack, Russia’s nuclear blueprints get leaked, a Texas sheriff uses license plate readers to track a woman who got an abortion, and more.

The lawmakers say the January purge has left the United States blind on the nature of the historic Salt Typhoon telecommunications breach. The post Four Senate Democrats call on DHS to reinstate...

Several Senate Democrats called on Homeland Security Secretary Kristi Noem to reestablish the Cyber Safety Review Board (CSRB) so it could continue looking into China-linked hacks.

The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in...

The landmark trial between WhatsApp and NSO Group unearthed several new revelations.

Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn't mince words: "Healthcare loves to walk backwards...

CERT Polska has received a report about 3 vulnerabilities (from CVE-2024-13915 to CVE-2024-13917) found in applications preloaded on Ulefone and Krüger&Matz smartphones.

Hackers reportedly accessed Wiles' phone contacts, which were used to impersonate her.

Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]

New research from Claroty’s Team82 uncovered critical security vulnerabilities in the Allen-Bradley (Rockwell Automation) PowerMonitor 1000, revealing an... The post Critical Rockwell PowerMonitor...

As geopolitical tensions sharpen and cyber operations move into the shadows of critical infrastructure, non-profit organization MITRE published... The post MITRE sounds alarm on cyber war threats...

Exposure management company Tenable announced its intent to acquire Apex Security Inc., a vendor for securing the rapidly... The post Tenable to acquire Apex Security to tackle expanding AI threat...

A new feature has customers worried, but T-Mobile says it's meant to be helpful. Either way, you can disable it. Here's how.

Australian firms with an annual turnover of AUS $3m are now required to report any payments to ransomware groups to authorities

Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input. [...]

Part 2 of 2: This step-by-step guide will make SSO easy–and more secure

The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as “Stern.” Now, German law enforcement has published his alleged identity—and it’s a familiar face.