The Office of Management and Budget (OMB) has released a new "progress report" on the condition of cybersecurity across federal agencies. The progress report offers new cyber metrics generated from the Federal Information Security Modernization Act (…

Multiple vulnerabilities, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, exist in Samba and can be exploited to take control of affected systems. Samba announced the 4.17.4, 4.16.8, and 4.15.13 security releases on…

Cisco has recently updated multiple security advisories to warn of the malicious exploitation of severe vulnerabilities impacting its networking devices.  Many of the bugs, which carry severity ratings of "critical" or "high," have been addressed 4-…

Google has announced that organizations can now request to test client-side encryption for web-based Gmail. This long-promised functionality is now accessible to a limited number of Workspace customers. According to Google, the new encryption option…

A security researcher has discovered flaws in the online game Wordle, owned by the New York Times, that leak the answer to the daily word puzzle and expose its Application Programming Interface (API) to potential hackers. David Thompson, a security…

Research and Markets has predicted that the global external cloud automotive cybersecurity services market will increase from $1.74 billion in 2021 to $2.12 billion in 2022 at a Compound Yearly Growth Rate (CAGR) of 21.8 percent and will reach $4.14…

In November, the Internal Revenue Service (IRS) accidentally republished 112,000 taxpayer data records that were previously published due to a technical issue earlier in the year. An external contractor operating on behalf of the IRS and tasked with…

Security researchers used CloudSEK's BeVigil security search engine to analyze 600 apps on the Google Play store and found that 50% were leaking application programming interface (API) keys of three popular transactional and marketing email service…

In recent years, threat actors have often employed Business Email Compromise (BEC) attacks to steal money from organizations. In a new development, cybercriminals are using these attacks to steal food shipments and ingredients from suppliers and…

Mend found and added 33 percent more open-source vulnerabilities to its database in the first nine months of 2022 than it did in the first nine months of 2021, representing both the increase in the number of published open-source packages and the…

The Glupteba malware botnet has reemerged, infecting devices throughout the globe after Google halted its operation about a year ago. Google was able to disrupt the blockchain-enabled botnet in December 2021 by obtaining court orders to seize control of…

Agenda ransomware has been spotted in the wild with a Rust edition, making it the most recent malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx. Agenda, credited to an operator named Qilin, is a Ransomware…