Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render...
OS Command Injection vulnerability (CVE-2025-13605) has been found in 3onedata GW1101-1D(RS-485)-TB-P modbus gateways.
The Power 100 is culled from the ranks of CRN’s 2026 Women of the Channel and spotlights the female executives at vendors and distributors whose insight and influence help drive channel success.
'If you don't have visibility, you can't understand what to protect' When it comes to securing enterprise supply chains, now heavily infused with AI applications and agents, a software bill of...
The security pitfalls of complexity and how next-gen XDR does it better
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting...
Using a 1930s trade law, Homeland Security targeted the man—who hasn't entered the US in more than a decade—following posts on X condemning the killings of Renee Good and Alex Pretti.
[Control systems] CISA ICS security advisories (AV26–417)
Red Hat security advisory (AV26-418)
Ubuntu security advisory (AV26-416)
Get actionable best practices to shrink your attack surface, protect execution environments, control package ingestion, and catch compromises early.
FreeBSD security advisory (AV26-415)
For the latest discoveries in cyber research for the week of 4th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Medtronic, a global medical device maker, has...
Dell security advisory (AV26-414)
IBM security advisory (AV26-413)
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. [...]
The overwhelming majority of stolen cryptocurrency today is being used to fund the Democratic People’s Republic of Korea (DPRK). Crypto theft is rampant because it’s easy. The system, bereft of...
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside the Australian Cyber Security Centre and other international partners,... The post CISA and partners release agentic AI...
After four years of watching the war in Ukraine, NATO defense decision-makers are finally beginning to pour money into drones. The Iran conflict has drawn further attention to these investments....
China is not just modernizing its military. It is reimagining how future wars will be fought. The People’s Liberation Army’s (PLA’s) embrace of “intelligentized warfare” (智能化战争) reflects a...
Tom Parker, a security services lead at IBM with some two decades of experience in the cybersecurity industry, has emerged as a potential contender to lead the Cybersecurity and Infrastructure...
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]
An all-out race toward artificial general intelligence (AGI), driven by expectations that the first state to achieve AGI will enjoy an overwhelming and enduring first-mover advantage over its...
A vulnerability has been discovered in WHM, cPanel, and WP Squared that could allow for remote code execution. WHM, cPanel, and WP Squared are Linux-based web hosting control panels for server and...
The Defense Department has completed agreements with eight technology companies, including many of the industry’s biggest, to use their artificial-intelligence capabilities in classified settings,...
Following your foundation, operationalize Wiz across development, detection and response, and program maturity so your security program never stops getting stronger.
Following your foundation, operationalize Wiz across development, detection and response, and program maturity so your security program never stops getting stronger.
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam centers used for cryptocurrency investment fraud schemes...
Even limited voter rolls can be linked to identify people, research shows