Latest News

CISA, FBI, and ACSC have published guidance to help software manufacturers establish secure deployment processes.

Insurance administrator Landmark Admin says personal information stolen in a ransomware attack earlier this year.

UnitedHealth told the US health department that hackers stole the information of 100 million people in a February ransomware attack.

AWS announced the seizure of domains used by Russian hacker group APT29 in phishing attacks targeting Ukraine and other countries.

New rules from the White House on AI use by US national security and spy agencies aim to balance the technology’s promise with the need to protect against risks.

OnePoint Patient Care has disclosed a data breach impacting the personal information of nearly 800,000 individuals.

Cupertino said the research lab and tooling offers “verifiable transparency” of its promises to secure AI-powered data on its platforms.

Nvidia rolls out urgent security updates to fix at least 8 high-severity vulnerabilities in GPU drivers for Windows and Linux.

The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency.

Deceptive Delight is a new AI jailbreak that has been successfully tested against eight models with an average success rate of 65%.

A Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024.

The Penn State university has agreed to pay $1.25 million to settle alleged failure to meet cybersecurity requirements for DoD and NASA contracts.

AI models from Hugging Face can contain similar hidden problems to OSS downloads from repositories such as GitHub.

Cisco has released patches for multiple vulnerabilities in ASA, FMC, and FTD products, including an exploited flaw.

Over $350,000 was paid out on day 2 of Pwn2Own Ireland 2024, including $50,000 for an exploit targeting the Samsung Galaxy S24.