SecurityWeek

The email addresses and other information of hundreds of British, French and EU politicians have been found on the dark web.

Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable.

CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.

Altman spent part of his virtual appearance fending off thorny questions about governance, an AI voice controversy and criticism from ousted board members.

The ShinyHunters hacking group has claimed the theft of 560 million Ticketmaster users’ data on a fresh BreachForums portal.

The BBC has disclosed a data breach impacting over 25,000 current and former employees, but the incident did not involve ransomware.

Cloudlfare acquires Boston seed-stage startup BastionZero to bolster its Zero Trust Network Access technology portfolio.

SecurityWeek editor-at-large Ryan Naraine examines the broad tension between tech innovation and privacy rights at a time when ChatGPT-like bots and generative-AI apps are starting to dominate the landscape. 

Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites.

NIST is receiving support to get the NVD and CVE processing back on track within the next few months.

The TrickBot botnet and other malware droppers have been targeted by international law enforcement in Operation Endgame.

The data breach at debt collection agency Financial Business and Consumer Solutions (FBCS) impacts 3.2 million individuals.

Okta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication.

Assembling a diverse team, outlining clear objectives, and meticulously assessing your network landscape can enable organizations to successfully navigate SASE migration without hiccups and pitfalls.

The US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested.