SecurityWeek

Chrome and Firefox security updates released on Tuesday resolve a critical-severity and multiple high-severity vulnerabilities.

The White House is calling on state environmental, health, and homeland security agencies to convene on safeguarding water systems.

Cyber risk management firm CyberSaint has raised $21 million in Series A funding, bringing the total investment to $29 million.

Academic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik.

Atos shares tank after Airbus decides not to move ahead with discussions to acquire its cybersecurity business.

Earth Krahang, likely a penetration team of Chinese government contractor I-Soon, has compromised 48 government entities worldwide.

Data security firm BigID raises $60 million in a growth round that brings the total to $320 million and values the company at over $1 billion.

Nations Direct informs 83,000 individuals that their personal information was compromised in a data breach.

The rapid evolution of AI and analytics engines will put campaign-year disinformation into hyperspeed in terms of false content creation, dissemination and impact.

A weakness in a Firebase implementation allowed researchers to gain access to names, phone numbers, email addresses, plaintext passwords, confidential messages, and more.

Mintlify announces vulnerability disclosure program after a data breach exposed 91 customer GitHub tokens.

A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.

UnitedHealth is testing the last major system it must restore from last month’s Change Healthcare cyberattack, but it has no date yet for finishing the recovery.

UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud.

Fujitsu says hackers infected internal systems with malware, stole personal and customer information.

The networking giant paid $157 per share in cash for Splunk, a powerhouse in data analysis, security and observability tools, in a deal first announced in September 2023.

Since 2016, the US DoD has received over 50,000 submissions through its vulnerability disclosure program.

The desire to be a hacker is usually innate, and commonly emerges in early life. This did not happen with Snow: she was a married freelance special effects makeup artist when it all began.

Researchers demonstrate remote GPU cache side-channel attack from within browsers against AMD and NVIDIA graphics cards.

Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.