CISA Adds Three Known Exploited Vulnerabilities to Catalog

The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World.

A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.

The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.

Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources.

The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.

Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.

​Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week.

cross-posted from: https://lemmy.zip/post/15519717

An earlier iteration of the site was taken down last year; now its reincarnation is gone.

The company’s Patch Tuesday includes fixes for flaws in Windows Desktop Window Manager, Windows MSHTML, and Visual Studio, among others, that IT security orgs should prioritize.

A Korean cybersecurity expert has been sentenced to prison for illegally accessing and distributing private videos from vulnerable "wallpad" cameras in 400,000 private households.

​Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems.

Researchers have uncovered a critical vulnerability in VMware's Bluetooth device, allowing code execution by malicious actors.

A crisis at the key US service for ranking vulnerabilities has been fueled by short resources and an explosion of security flaws as the volume of software production increases.