Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild ...

Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one ...

Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email.

Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident.

The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion.

GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected.

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.

Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced by security firms in March 2025.

How organizations can gauge the readiness and maturity of their security programs to make testing of all types as impactful ...

Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber ...

A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application.

DeepMind developed a framework that highlights areas where adversarial AI is weakest, allowing defenders to prioritize ...