The US Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control System (ICS) advisory informing organizations of a high-severity vulnerability discovered in an outdated industrial switch made by the Israel-based networ

It has recently been announced that a statewide outage of the 911 emergency response system in Massachusetts this week was caused by an errant firewall that prevented calls from getting to the 911 dispatch centers.

Google recently announced a Chrome 126 update that contains six security fixes, four of which address high-severity vulnerabilities reported by external researchers.

Amtrak is starting to notify some customers that their Guest Rewards Accounts have been hacked.  According to Amtrak, no Amtrak systems were compromised in the attacks, as credential stuffing was employed.

According to security researchers at Hack The Box, British and US enterprises may be throwing away as much as $756m each year through lost productivity due to burned-out cybersecurity staff.

A team of researchers investigated 36 digital square global goods, including open source apps, software development kits, desktop apps, and web apps used in the health sector.

Threat actors are using free or pirated versions of commercial software as lures to deliver "Hijack Loader," which deploys "Vidar Stealer," an information stealer.

Recent attacks on customer accounts hosted by the Snowflake data warehousing platform suggest that threat actors are shifting to targeting Software-as-a-Service (SaaS) application environments.

According to a new Barracuda report, in 2023, about 92 percent of organizations faced an average of six credential compromises due to email-based social engineering attacks.

According to G Data CyberDefense, a backdoor dubbed "BadSpace" is being distributed using a multi-stage attack chain involving infected WordPress websites.

According to Action1, threat actors are increasingly targeting edge devices known as load balancers. A load balancer distributes connections from clients between a set of servers.

A malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into installing malware through malicious PowerShell "fixes." The new campaign has been used by multiple threat actors, including those behind "ClearFake,