Jai Vijayan

The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.

Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting.

It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.

Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.

The Joint Cyber Defense Collaborative playbook seeks to establish a "a unified approach" on how to handle AI-related cybersecurity threats.

By staying vigilant, agile, and prepared, organizations can turn threat detection, investigation, and response from a defensive strategy into a proactive enabler of security and operational excellence.

New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks — but will the Trump administration follow through?

The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.

A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.