Vulnerable firmware for Gigabyte motherboards could allow bootkit installation

UEFI firmware running on 100+ Gigabyte motherboard models is affected by memory corruption vulnerabilities that may allow attackers to install persistent and difficult-to-detect bootkits (i.e., malware designed to infect... Read more »

F5 accelerates application delivery and security

F5 announced new tools to reduce the immense complexity cross-functional operations (XOps) teams face in managing hybrid, multicloud, and AI-driven application environments. F5 AI Assistant now provides a single... Read more »

MoD cyber breach put thousands of Afghan lives at risk

Over 18,000 Afghan citizens eligible to relocate to the UK under a government programme to protect them from the Taliban were put at risk in a heretofore unreportable data... Read more »

Fingerprint helps enterprises distinguish between legitimate and malicious automated web traffic

Fingerprint announced new Smart Signals and platform enhancements that detect malicious bots and AI agents, distinguishing them from legitimate automated traffic. As agentic commerce experiences explosive growth and autonomous... Read more »

At-Bay MXDR boosts security for mid-market and small businesses

At-Bay launched its new Managed Extended Detection and Response (MXDR) platform, designed to give mid-market and small businesses access to enterprise-grade cybersecurity at an affordable cost. Spanning endpoint, cloud,... Read more »

Pentera unveils capability to detect Git repository risk exposure

Pentera has introduced a capability to uncover and validate risk exposure from data in Git repositories. Pentera now discovers repositories linked to the organization, identifies embedded credentials, tokens, and... Read more »

NCSC sets up Vulnerability Research Initiative

The NCSC is expanding its vulnerability research project to draw in external expertise Read more »

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have... Read more »

AsyncRAT evolves as ESET tracks its most popular malware forks

AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft,... Read more »

What is supply chain risk management (SCRM)?

Supply chain risk management (SCRM) is the coordinated efforts of an organization to help identify, monitor, detect and mitigate threats to supply chain continuity and profitability. Read more »
Subscribe to our Newsletter