CISA warns that a critical-severity hardcoded credentials vulnerability in SolarWinds Web Help Desk is exploited in attacks.

Oracle has released 334 new security patches to address roughly 220 unique CVEs as part of its October 2024 Critical Patch Update.

FIDO Alliance has published new specifications for securely moving passkeys across providers, as Amazon announced 175 million passkey users.

Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s ...

Door access controllers remain vulnerable to remote hacker attacks for extended periods of time, a researcher has found.

The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region. The ...

Russia, China and Iran are increasingly relying on criminal networks to lead cyberespionage and hacking operations against adversaries.

Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.

Cybercriminals, hacktivists and nation-state actors have been active either threatening to disrupt or taking advantage of the US election.

Automattic has rolled out updates for 101 Jetpack versions released over the past eight years to resolve a critical vulnerability.

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices. As the dust settles following the massive Windows BSOD ...