SecurityWeek

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.

In response to recent intrusions, CISA and the FBI are urging businesses and device manufacturers to eliminate OS command injection vulnerabilities at the source.

Palo Alto Networks patched a critical vulnerability in its Expedition tool and addressed the impact of the recently disclosed BlastRADIUS vulnerability.

VMware warns that authenticated malicious users could enter specially crafted SQL queries and perform unauthorized read/write operations in the database.

Israeli startup raises $16 million in seed funding to build what is being described as a “cyber crisis readiness and management” platform.

Citrix rolls out patches for multiple security vulnerabilities, including critical and high-severity issues in the NetScaler product line.

Few people understand AI, nor how to use nor control it, nor where it is going. Yet politicians wish to regulate it.

The US and allies blame Russian state-sponsored threat actors for using Meliorator AI software to create a social media bot farm.

Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in industrial and OT products.

A cyber resilience strategy is vital for business continuity and can provide a range of benefits before, during, and after a cyberattack.

Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days.

Adobe documents at least seven code execution bugs affecting Adobe Premiere Pro, Adobe InDesign and Adobe Bridge on Windows and macOS.

Security vendor InkBridge Networks calls urgent attention to the discovery of a decades-old design flaw (CVE-2024-3596) in the popular RADIUS protocol.

Command Zero has emerged from stealth mode with $21 million in a seed funding round led by Andreessen Horowitz.

Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools.

Evolve Bank says personal information of more than 7.6 million individuals was compromised in a ransomware attack.

The Ransomhub ransomware gang has claimed the theft of 100GB of data from the Florida Department of Health.

Seven nations are backing Australia in calling out a China-linked hacking group for compromising government networks.

Moving from a state of indifference about security to a place where users actively champion it can be transformed through a focused effort.

Starting in September, Microsoft will mandate the the use of Apple’s iPhones to authenticate identities when logging into work machines.