CDAO Sponsors Crowdsourced AI Assurance Pilot in the Context of Military Medicine

Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild

In the latest attacks against the vendor’s SMA1000 devices, threat actors have chained a new zero-day flaw with a critical vulnerability disclosed earlier this year.

A series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.

Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. “The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables

After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly

Threat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries to execute malicious code in what’s seen as a sneakier attempt to stage a software supply chain attack. The newly discovered package, named pdf-to-office, masquerades as a utility for converting PDF files…