North Korean Software Supply Chain Attack Hits North America, Asia
A North Korean threat group breached a Taiwanese software company and leveraged its systems to deliver malware to devices in North America and Asia, Microsoft…
A North Korean threat group breached a Taiwanese software company and leveraged its systems to deliver malware to devices in North America and Asia, Microsoft…
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Researchers at Aqua Security are calling urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations and open-source projects are…
Car parts giant AutoZone, which has over 7,000 stores across the Americas, is informing nearly 185,000 individuals that their personal information was compromised as a…
Microsoft announced on Tuesday that it is willing to pay up to $20,000 for vulnerabilities reported as part of a new bug bounty program for…
Security researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to find a way to bypass authentication on…
The ousted leader of ChatGPT-maker OpenAI is returning to the company that fired him late last week, culminating a days-long power struggle that shocked the…
Risk assessment should be a rational and objective undertaking. We as humans, with our emotions, can sometimes be irrational and subjective. As security professionals, this would seem…
Cybercriminals hacked into the Kansas court system, stole sensitive data and threatened to post it on the dark web in a ransomware attack that has…
Australian and US governmental agencies and Citrix this week issued fresh warnings on the exploitation of a critical NetScaler product vulnerability. Tracked as CVE-2023-4966 (CVSS…
End-to-end generative AI security startup Lasso Security has emerged from stealth mode with $6 million in a seed funding round led by Entrée Capital, with…
The US cybersecurity agency CISA has announced a new pilot program to provide managed cybersecurity services to critical infrastructure entities that need support. For years,…