Shaun Nichols

Updates have been released by major VPN service provider ExpressVPN to resolve a vulnerability impacting its Windows client that resulted in the exposure of its users' IP addresses, according to BleepingComputer.

Cyber Security News reports that weaponized .LNK files have been used to facilitate the distribution of the DeerStealer malware as part of a novel phishing campaign.

Hewlett Packard Enterprise has fixed a pair of security bugs affecting Instant On Access Points, which could be chained to facilitate administrative access and malicious command injections, reports The Hacker News.

COMMENTARY: Organizations have long faced the ongoing threat of human behavior. Whether by using weak or reused passwords, careless clicking, or

Operations of the Lumma information-stealing malware have returned to near-normal levels two months after some of its infrastructure and its domains were taken down by a global law enforcement effort, BleepingComputer reports.

Hackread reports that dozens of financial entities and cryptocurrency exchanges have been targeted with attacks involving a new iteration of the Coyote banking trojan, which has gained the novel ability to exploit Microsoft's UI Automation framework to facilitate banking credential compromise.

Making the transition from vulnerability management to exposure management isn't always easy. Here's how Verizon made the move.

Nation-state attackers will come at you from every direction. That's why it’s important to have a holistic security policy that covers the entire attack surface -- and a plan to rebound quickly if an attack succeeds.

Okta's annual conference next month will focus on how identity security can help manage AI agents, what they can access, and who has access to them.

Broadcom has unveiled new cybersecurity and compliance capabilities for VMware Cloud Foundation, targeting private cloud deployments in heavily regulated sectors, Security Brief New Zealand reports.