Researchers urge organizations using Apache OFBiz to address a critical bug, following reports of active exploitation of another flaw. Experts urge organizations to address a new critical vulnerability, tracked... Read more »

Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million. In June, Keytronic disclosed a data breach... Read more »

A security bypass bug in Rockwell Automation ControlLogix 1756 devices could allow unauthorized access to vulnerable devices. A high-severity security bypass vulnerability, tracked as CVE-2024-6242 (CVSS Base Score v4.0... Read more »

China-linked group APT41 breached a Taiwanese government-affiliated research institute using ShadowPad and Cobalt Strike. Cisco Talos researchers reported that the China-linked group compromised a Taiwanese government-affiliated research institute. The... Read more »

A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity researchers reported that a China-linked APT group, tracked as StormBamboo (aka... Read more »

Jerico Pictures Inc., operating as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach. A proposed class action claims that Jerico... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unplugging PlugX: Sinkholing the PlugX USB worm botnet   Introducing Gh0stGambit:... Read more »

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children’s privacy laws. The Justice Department and the Federal Trade Commission (FTC)... Read more »