The House of Representatives recently passed new legislation prohibiting data brokers from selling Americans' personal information to foreign adversary countries or entities under their control.

An Iran-linked hacking group claims to have infiltrated a sensitive Israeli nuclear facility's computer network in an incident described by the hackers as a protest against the war in Gaza.

The website security company Sucuri discovered a malware campaign dubbed "Sign1" that has infected more than 39,000 WordPress websites in the last six months, causing visitors to get unwanted redirects and popup ads.

Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) had a vulnerability that enabled session hijacking with a single click.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently released 15 advisories addressing serious vulnerabilities in industrial control products from Siemens, Mitsubishi Electric, Delta Electronics, and more.

Microsoft has recently released a patch for an Xbox vulnerability after initially telling the reporting researcher that it was not a security issue.  The vulnerability is tracked as CVE-2024-2891, and it impacts Xbox Gaming Services.

In "Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations," the National Institute of Standards and Technology (NIST) defines different Adversarial Machine Learning (AML) tactics and cyberattacks, as well as provides guida

According to GuidePoint Security, smaller Ransomware-as-a-Service (RaaS) groups are trying to recruit new and "displaced" LockBit and Alphv/BlackCat affiliates by offering better payout splits, full-time support, and more.

A threat actor, tracked as "Fluffy Wolf," is spreading different types of malware using accounting report lures in a phishing campaign that relies on malicious and legitimate software.

According to the 2024 Thales Data Threat Report, ransomware attacks increased by 27 percent in 2023, with 8 percent of impacted organizations deciding to pay the demanded ransom.

The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and several other agencies in the US and around the world urge critical infrastructure leaders to protect the

According to a survey commissioned by Palo Alto Networks, many industrial organizations are hit with cyberattacks, which result in the shutdown of Operational Technology (OT) processes in a significant percentage of cases.