Cybersecurity giant Fortinet has recently confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server.

Checkmarx reports that Gallup fixed two Cross-Site Scripting (XSS) errors on its website that could have resulted in data theft and account takeovers. Gallup is known for its public opinion polls, including polls regarding US politics and elections.

GitLab has released critical updates for multiple vulnerabilities, one of which enables an attacker to trigger pipelines as arbitrary users under certain conditions.

Etay Maor, Chief Security Strategist and founding member of Cyber Threats Research Lab (CTRL) at Cato Networks, highlights some of the top tactics used by cybercriminals to evade traditional security measures.

Since cybercrime has made threat actors tens of billions of dollars over the past decade, the Federal Bureau of Investigation (FBI) has warned organizations to be on the lookout for Business Email Compromise (BEC) attempts.

Transport for London (TfL) has recently confirmed that some customer data has been breached following a cyberattack on its systems.

According to security researchers at Sophos, schools, colleges, and universities face growing costs from ransomware attacks.

Cisco recently announced patches for eight vulnerabilities in the IOS XR network operating system, including fixes for six high-severity bugs.

According to ESET, the "CosmicBeetle" ransomware group, also known as "NONAME" or "Spacecolon," may now be affiliated with "RansomHub." ESET's recent report details the activities and tactics that CosmicBeetle has carried out since its discovery in 202

A "simplified Chinese-speaking actor" is linked to a new Search Engine Optimization (SEO) rank manipulation campaign targeting countries in Asia and Europe.

According to the "2024 ISC2 Cybersecurity Workforce Study," the global cybersecurity workforce gap has grown by 19 percent in the past year, with an additional 4.8 million professionals needed to adequately secure organizations.

Attackers have weaponized an "ancient" version of Microsoft Word in an attack dubbed "WordDrone." The wave of WordDrone attacks targeted Taiwanese drone manufacturers.