Researchers at Checkmarx have discovered that threat actors could abuse entry points across PyPI, npm, Ruby Gems, and other programming ecosystems to stage software supply chain attacks.

Researchers at the Georgia Institute of Technology (Georgia Tech) have developed a new tool named "Detector of Victim-specific Accessibility" (DVa) to check for malware on Android phones.

Juniper Networks has recently released patches for dozens of vulnerabilities in its Junos OS and Junos OS Evolved network operating systems, including multiple flaws in several third-party software components.

Gryphon Healthcare and Tri-City Medical Center recently disclosed separate data breaches in which the personal information of more than 500,000 individuals was stolen.

OpenAI disrupted over 20 malicious cyber operations involving ChatGPT, its Artificial Intelligence (AI)-driven chatbot. Threat actors have used ChatGPT to develop malware, evade detection, and more.

The finalization of the latest version of the Cybersecurity Maturity Model Certification (CMMC) program empowers US Department of Defense (DOD) officials to better assess cybersecurity measures implemented by defense contractors.

The cyber insurance provider Coalition reported that its customers made fewer claims in the first half of 2024 than in the same period in 2023, but their average loss increased by 14 percent to $122,000.

Japanese game developer Game Freak, the firm behind the Pokémon franchise, has recently suffered a security breach exposing the data of 2606 employees and partners.

Casio has recently revealed that some of its corporate systems and services are still damaged and personal information has been compromised, after a ransomware attack over a week ago.

Penn State researchers will lead a multi-institution project called "Verified Probabilistic Cognitive Reasoning for Tactical Mixed Reality Systems (VeriPro)" funded by the Defense Advanced Research Projects Agency (DARPA) to identify cognitive threats

In a new art exhibition, Virginia researchers and artists challenge our cybersecurity perceptions.

A critical security vulnerability allows ransomware gangs such as "Akira" and Fog" to conduct Remote Code Execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers.