Cisco has fixed a critical flaw that enables attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators.

According to Legit Security, most GitHub Actions are overly privileged or have risky dependencies.

According to a Netskope study, 96 percent of organizations now use generative Artificial Intelligence (AI) applications, raising the risk of sharing sensitive data with these public tools.

Researchers have discovered an updated variant of "BeaverTail" stealer malware used by attackers affiliated with the Democratic People's Republic of Korea (DPRK).

Researchers believe cybercriminals in Iraq secretly posted malicious Python code to the popular PyPl repository.

Atlassian has released security updates to address several critical vulnerabilities in its Bamboo, Confluence, and Jira products.

Researchers have revealed more about the "Qilin" ransomware group, which recently demanded $50 million from the healthcare sector. Synnovis, a pathology services provider, was attacked earlier this month, affecting several NHS hospitals in London.

According to Microsoft, the "Scattered Spider" cybercrime gang has added "Qilin" ransomware to its arsenal.

Interpol has defeated several West African cybercriminal groups, including the "Black Axe" syndicate. "Operation Jackal III" took place from April 10 to July 3 in 21 countries on five continents, resulting in 300 arrests and $3m in asset seizures.

Attackers are exploiting a patched Apache HugeGraph vulnerability. Apache HugeGraph is an open source graph database system used to build applications based on graph databases.

Google recently announced security updates for Chrome 126 that address ten vulnerabilities, including eight high-severity bugs reported by external researchers.

MNGI Digestive Health has started notifying over 765,000 individuals that their personal information was compromised in an August 2023 data breach.