The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...
Chainguard OpenVEX Spec adds clarity to Supply Chain Vulnerability warnings specifications to help software vendors and maintainers communicate precise metadata about the vulnerability status...
Google this week announced OSV-Scanner, a free scanner that open source developers can use to receive vulnerability details relevant to their projects.The high number...
Mordechai Guri, a cybersecurity researcher from the Ben-Gurion University of the Negev in Israel who specializes in air gap jumping, has released a paper...
An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong...
The U.S. government’s mandates around the creation and delivery of SBOMs (software bill of materials) to help mitigate supply chain attacks has run into...
Researchers at firmware and hardware security company Eclypsium have identified several potentially serious vulnerabilities in baseboard management controller (BMC) firmware made by AMI (American...
Developers have been warned that the popular Quarkus framework is affected by a critical vulnerability that could lead to remote code execution.Available since 2019,...
Forescout Technologies has disclosed the details of three new vulnerabilities identified by its researchers in operational technology (OT) products from Festo and Codesys.
US authorities announced a ban Friday on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear...
A cross-tenant vulnerability in Amazon Web Services (AWS) could have allowed attackers to abuse AWS AppSync to gain access to resources in an organization’s...
Microsoft is warning organizations about the risks associated with the discontinued Boa web server after vulnerabilities affecting the software were apparently exploited by threat...
North Korean hackers working for the government stole virtual assets last year estimated to be worth between $630 million and more than $1 billion, U.N. experts...