Latest News

US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications.

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023.

The first attempts to exploit CVE-2023-24489, a recent critical Citrix ShareFile remote code execution vulnerability, have been observed.

Several industry professionals comment on the SEC’s new cybersecurity incident disclosure rules and their implications.

Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks.

CoinsPaid says North Korean hacking group Lazarus is likely responsible for the recent theft of $37 million in cryptocurrency.

Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.

Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.

Threat intelligence services provider QuoIntelligence has raised €5 million ($5.5 million) in seed funding.

CISA Director Jen Easterly says more is needed to defend the integrity and resiliency of the election process ahead of the 2024 election.

The TSA has released updated cybersecurity requirements for pipeline owners and operators, instructing them to test assessment and incident response plans.

Join SecurityWeek and TXOne Networks for this webinar as we expose common misconceptions surrounding the security of Operational Technology (OT) and dive into the evolving threat landscape.

Internet-connected Peloton workout equipment is impacted by multiple security risks, such as having USB debugging enabled.

Thinking through the good, the bad, and the ugly now is a process that affords us “the negative focus to survive, but a positive one to thrive."

Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’).