GitHub, the world's largest open-source software development community, has added a communication channel to its platform to make it easier for security researchers to report vulnerabilities to project maintainers. Reporting vulnerabilities has always…

More than a third of Uyghur-language Android apps distributed through social media or downloaded from unofficial app stores are infected with malware. Lookout Inc., a cybersecurity company, based in San Francisco, discovered two new malware variants…

Popular PDF document reader Foxit Reader has recently been updated to address multiple use-after-free security bugs that could be exploited for arbitrary code execution.  This week, Cisco’s Talos security researchers published information on four…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released a set of documents to help agencies and other organizations prioritize software vulnerability remediation. However, the use of the guidance is…

Security researchers at Palo Alto Networks have discovered LiteSpeed Web Server vulnerabilities and noted that they can be exploited to take complete control of a targeted server.  The researchers said that the security holes were found during an…

Following a malware attack, a community college in California was recently taken offline, and its services were disrupted. On November 3, Merced College went offline, with the school stating on Twitter that it was experiencing a significant network…

Cryptocurrency mining has grown by 230 percent in popularity among cybercriminals in the past year, as it is expensive regarding machinery and energy consumption. If cybercriminals cryptojack someone else's machine to do it, they could make a lot of…

Security researchers at Digital Shadows are warning organizing bodies and key partners of the FIFA World Cup in Qatar to enhance their resilience against a potential barrage of cyber threats.  The researchers collected threat data on the event over…

Microsoft officially linked cyberattacks involving the 'Prestige' ransomware to the Russian hacking group named IRIDIUM. According to Microsoft, the ransomware was used in a series of attacks targeting the transportation and logistics sectors in Ukraine…

The Cybersecurity and Infrastructure Security Agency (CISA) stated on Wednesday that cyberattacks did not disrupt or compromise the midterm voting procedures.  CISA noted that it had not seen any evidence that any voting system deleted or lost votes…

The US Department of Health and Human Services (HHS) has issued a warning about Venus Ransomware attacks targeting healthcare organizations in the country. HHS' security team also mentions at least one incident in which Venus Ransomware was deployed on…

According to a news study by researchers at Delinea, cyber insurance providers appear to be limiting policy coverage due to surging costs from claimants.  The researchers polled 300 US-based IT decision-makers for the study.  The researchers…