Almost two-thirds of organizations said their threat intelligence programs need improvement and only 22% of surveyed respondents said they have fully mature threat intel...

Security-operations and threat-intelligence teams are chronically short-staffed, overwhelmed with data, and dealing with competing demands — all issues which large-language-model (LLM) systems can help...

Teams running the Zimbra Collaboration Suite version 8.8.15 are urged to apply a manual fix against a recently discovered zero-day vulnerability that's being actively...

Microsoft's July security update contains fixes for a whopping 130 unique vulnerabilities, five of which attackers are already actively exploiting in the wild.The company...

The Iran-linked threat group known as APT35 (aka Charming Kitten, Imperial Kitten, or Tortoiseshell) has updated its cyberattack arsenal with improved abilities to hide its actions, as well...

by Paul Ducklin PONG FOR ONE!? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and...

During the month of May, an unknown threat group created a malicious GitHub repository that claimed to contain a zero-day exploit for a vulnerability...

by Paul Ducklin BACKDOORS, EXPLOITS, AND LITTLE BOBBY TABLES No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul...

After an inaugural year of funding intensive work scaling the way security researchers report and automate open source vulnerability fixes, the Human Security Dan...

Three zero-day vulnerabilities — tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 — were found in Apple's WebKit browser platform and affect iOS, macOS, and iPad...

OpenText's Geoff Bibby shares the latest findings from the company's cybersecurity global threat report, and discusses the issues that small, medium and large business...

by Paul Ducklin Last week, we warned about the appearance of two critical zero-day bugs that were patched in the...