The IEEE recently published its annual ranking of the Top Programming Languages!  The top 10 trending programming languages in 2022 include Python, Java, C, JavaScript, C++, C#, SQL, PHP, HTML, and Go.  The IEEE also looked at hundreds of …

Mozilla recently patched several high-severity vulnerabilities in its Firefox and Thunderbird products.  Firefox 104, as well as Firefox ESR 91.13 and 102.2, patches a high-severity address bar spoofing issue related to XSLT error handling.  …

Gallium, a Chinese Advanced Persistent Threat (APT) group, has been observed using a previously unknown Remote Access Trojan (RAT) in espionage attacks against firms in Southeast Asia, Europe, and Africa. The "difficult-to-detect" backdoor known as…

PyPI, the official third-party software repository for Python packages, is warning its users about a phishing campaign. It was discovered that some maintainers of legitimate projects had been compromised, and malware had been published as the latest…

According to a new investigation into the phishing campaign that targeted Twilio and Cloudflare in July, more than 130 organizations have been affected since the initial attack. In the campaign, which began in March 2022, nearly 10,000 user credentials…

A security researcher with a long track record of demonstrating novel data exfiltration methods from air-gapped systems has devised yet another method that involves sending Morse code signals via LEDs on Network Interface Cards (NICs). Dr. Mordechai Guri…

The National Science Foundation (NSF) has awarded funding to a team of researchers at Virginia Commonwealth University (VCU) in support of a project aimed at improving the security of Internet-connected medical devices. The principal investigator of the…

On July 20, 2022, the American Data and Privacy Protection Act (ADPPA) was moved out of the US House of Representatives Committee on Energy and Commerce by a vote of 53-2. The bill still needs to be passed by the full House and Senate. ADPPA includes…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), along with state and local election community members, completed a three-day exercise to prepare for various potential cyber and physical threats to the voting…

According to a new report from the Managed Detection and Response (MDR) provider Critical Insight, attackers have shifted their focus to smaller hospital systems and specialty clinics lacking a high level of security preparedness, staff size, or budget…

The Healthcare Cybersecurity Act of 2022 was recently proposed to Congress by US Senators. The purpose of this new legislation is to reduce cybersecurity attacks and data breaches in the healthcare and public health sectors. The plan is to establish…

Security researchers at Venafi discovered that after six months of war in Ukraine, nation-sponsored cyber-warfare continues to be top of mind for security decision makers.  Nearly two-thirds (64%) of organizations believe they have been targeted, or…