Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.

Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation ...

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise.

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.

The National Institute of Standards and Technology (NIST) has selected a fifth algorithm (HQC) to add to its PQC portfolio.

The House of Representatives has passed a bill aimed at requiring federal contractors to have a Vulnerability Disclosure Policy (VDP). The House of Representatives has passed a bill aimed at requiring ...

Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM. Amid the government-led push toward more secure ...

US officials said they have not determined who was behind an apparent cyberattack on the social media platform X.

A UK government analysis of current best practices for OSS and supply chain risk management finds weaknesses in current ...

The Trump administration has cut millions of dollars in federal funding from two cybersecurity initiatives, including one ...