We need secure products as much as we need security products

Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks. “This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the Microsoft Threat Intelligence team said in a Thursday report. “It employs sophisticated encryption and obfuscation

If you are preparing an RFP or Form 470 submission under the Cybersecurity Pilot Program, we encourage you to connect with us.

Consumer Reports, Secure Resilient Future Foundation (SRFF) and US Public Interest Research Group (PIRG) introduced a model bill to increase transparency around Internet of Things that have reached end-of-life status.

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply…

The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay ahead of attackers.

Two critical vulnerabilities affect the security vendor’s management console, one of which is under active exploitation. The company has updated cloud-based products but won’t have a patch for its on-premises version until mid-August.