News
  • "Russia's Ukraine War Drives 62% Slump in Stolen Cards"
    Security researchers at Recorded Future stated that the Russian invasion of Ukraine in early 2022 appears to have led to a double-digit decrease in stolen payment card records published to the dark web. The researchers analyzed detailed threat…
  • "Sigstore Announces the First Stable Release of Code and Certificate Signing Tool for Python"
    The Sigstore community recently announced the first stable release of sigstore-python, enhancing software supply chain security and breaking ground for other client implementations of Sigstore currently in the earlier stages. Sigstore is an open-source…
  • "Fortinet Observed Three Rogue PyPI Packages Spreading the Wacatac Trojan"
    Researchers from FortiGuard Labs found three malicious PyPI packages named "colorslib," "httpslib," and "libhttps" uploaded to the PyPI repository by the same malicious actor, Lolip0p. The packages, which were found on January 10, 2023, are designed to…
  • "Free Decryptors Released for BianLian, MegaCortex Ransomware"
    Avast and Bitdefender have recently released decryptors to help victims of BianLian and MegaCortex ransomware recover their data for free. BianLian, written in Golang, emerged in August 2022 and has been used in targeted attacks against entertainment,…
  • "MSI Accidentally Breaks Secure Boot for Hundreds of Motherboards"
    According to a Polish security researcher named Dawid Potocki, more than 290 MSI motherboards are impacted by insecure default UEFI Secure Boot settings, which enable any operating system image to execute regardless of whether it has a valid or…
  • "Post-quantum Cybersecurity Threats Loom Large"
    According to new research from Zapata Computing, the quantum computing market is maturing with widespread, worldwide interest and increased urgency in addressing post-quantum cybersecurity threats. Seventy-one percent of quantum-adopting companies…
  • "Java, .NET Developers Prone to More Frequent Vulnerabilities"
    According to the software-testing firm Veracode, over three-quarters of Java and .NET applications contain at least one vulnerability from the OWASP Top 10, a list of software flaws commonly used by developers as a baseline for application security. In…
  • "Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware"
    Researchers have discovered that threat actors can exploit a legitimate GitHub Codespaces feature to distribute malware to target systems. GitHub Codespaces is a cloud-based customizable development environment that allows users to debug, maintain, and…
  • "CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop"
    Continuous integration and delivery platform CircleCI has recently confirmed that a data breach that occurred on January 04, 2023, was caused by an infostealer being deployed on an employee's laptop. The company noted that they learned that an…
  • "Qbot Overtakes Emotet in December 2022's Most Wanted Malware List"
    According to security researchers at Check Point, the Qbot Trojan overtook Emotet as the most prevalent malware found in the wild in December 2022, impacting 7% of organizations worldwide. Additionally, the Glupteba malware, a blockchain-enabled…
  • "Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer"
    Canadian liquor distributor Liquor Control Board of Ontario (LCBO) has recently announced that a web skimmer injected into its online store was used to steal users’ personal data. One of the largest liquor sellers in Canada, LCBO retails and…
  • "Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems"
    The US Department of Defense (DoD) is getting ready to launch the third installment of its "Hack the Pentagon" bug bounty program, which will focus on the Facility Related Controls System (FRCS) network. Hack the Pentagon was first launched in 2016…