Businesses that develop business-, mission-, or safety-critical software must learn from previous victims of software supply chain attacks.

A China-nexus cyber espionage campaign rages on with the fourth backdoor to surface in the wild that takes advantage of the CVE-2023-2868 zero-day security bug — with severe threat...

The open source ecosystem for offensive and defensive security technologies is flourishing, giving security teams access to a wide range of tools to do their jobs.

Bill 362 is a perfect template for a nationwide win against data brokers and the privacy infringements they cause.

The Washington Post is reporting on a hack to fool automatic resume sorting programs: putting text in a white font. The idea is that the programs rely primarily...

CISOs are incorporating biometrics as part of their multifactor authentication strategies. This is what they should be thinking about during implementation.

Companies should use a variety of tools and strategies, both technical and policy, to protect their IP from third-party risk.

US officials are concerned that the Beijing-directed cyberattacks could be a precursor to military disruption and broader destructive attacks on citizens and businesses.

Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a...

The 4-month-old ransomware gang is now actively targeting VMware's virtual environments with a second variant of its custom malware.