Security News > 2024 > December

70% of open-source components are poorly or no longer maintained
2024-12-04 04:30

The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje....

65% of office workers bypass cybersecurity to boost productivity
2024-12-04 04:00

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to...

FTC scolds two data brokers for allegedly selling your location to the meter
2024-12-04 02:29

'Where we go is who we are' totally isn't a creepy ad slogan at all. The FTC has reached a settlement with two data brokerages over allegations they harvested precise location data that shows when...

Perfect 10 directory traversal vuln hits SailPoint's IAM solution
2024-12-03 23:45

20-year-old info disclosure class bug still pervades security software. It's time to rev up those patch engines after SailPoint disclosed a perfect 10/10 severity vulnerability in its identity and...

Vodka maker Stoli files for bankruptcy in US after ransomware attack
2024-12-03 22:00

Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country. [...]

Cloudflare’s developer domains increasingly abused by threat actors
2024-12-03 21:00

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other...

Major energy contractor reports 'limited' access to IT after ransomware locks files
2024-12-03 20:00

ENGlobal customers include the Pentagon as well as major oil and gas producers. American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware...

US shares tips to block hackers behind recent telecom breaches
2024-12-03 19:49

CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global...

Exploit released for critical WhatsUp Gold RCE flaw, patch now
2024-12-03 19:00

A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon...

Veeam warns of critical RCE bug in Service Provider Console
2024-12-03 18:07

Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. [...]