Law enforcement turns the PlugX malware’s own self-delete mechanism against it, nuking the China-linked trojan from thousands ...

Trevin Edgeworth is the Red Team Practice Director at Bishop Fox, where he focuses on building and leading adversary ...

DORA requires EU financial institutions to test and show compliance with rules for cybersecurity risk-management, incident ...

Open source software (OSS) is a prime target for supply chain cyberattacks and protecting it remains a major challenge.

A vulnerability in Google’s OAuth implementation allows takeover of old employee accounts when domain ownership changes.

Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects.

Nvidia, Zoom, and Zyxel have released patches for multiple high-severity vulnerabilities across their products.

The US, Japan, and South Korea say North Korean hackers stole roughly $660 million in cryptocurrency last year.

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws.

Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November ...

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been ...