Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild ...

Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one ...

Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident.

Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email.

The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion.

GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected.

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.

Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber ...

Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced by security firms in March 2025.

How organizations can gauge the readiness and maturity of their security programs to make testing of all types as impactful ...

A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application.

A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise.