More than 20 new vulnerabilities, including one critical vulnerability, enable denial-of-service attacks, remote code execution and more.

The former Citibank CISO was well-known as an industry pioneer and for mentoring cybersecurity talent in a most generous way.

Hackers gained initial access to the civilian agency two months after a mandatory deadline to patch the vulnerability had expired.

While AeroBlade’s techniques are more sophisticated in many ways, security pros say the initial attack vector was a common spearphishing attack – something U.S. companies must do a better job protecting against.

Ongoing exploitation of unpatched instances of a Microsoft Exchange flaw is being tied to Russia-linked APT28 or Fancy Bear.

The company told SC Media about 14,000 accounts were accessed, with millions more DNA Relatives caught in the crossfire.

The move by the threat actors to attack 32-bit MIPS processors reflects an attempt to propagate the P2Pinfect malware to a broader range of targets.

Default passwords enabled the Iranian-linked APT to compromise Israeli-made control systems at water and wastewater facilities, a public aquarium and a brewery.

iOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2 updates resolve the vulnerabilities.

All roads in the FNF case lead to a ransomware incident, but there’s still no confirmation which group executed the attack or if a ransom was paid.