Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal Identifying Information (PII) was exposed in the incident. [...]

Bitwarden, the maker of the popular open-source password manager tool, has released 'Secrets Manager,' an end-to-end encrypted secrets manager for IT professionals, software development teams, and the DevOps industry. [...]

Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...]

Microsoft has released the optional KB5029331 Preview cumulative update for Windows 10 22H2 with sixteen improvements or fixes, including the introduction of a new Backup app. [...]

A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. [...]

The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]

We're down to the final weeks of registration for mWISE, the community-focused cybersecurity conference from Mandiant. Learn more from Mandiant about the available attendance options and what you should expect. [...]

Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems. [...]

Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi scanning and Google's geolocation API. [...]

Microsoft says the August 2023 preview updates released this week for Windows 11 and Windows 10 systems are causing blue screens with errors mentioning an unsupported processor issue. [...]

Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication. [...]

Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of the year the hackers' median dwell time dropped to five days from nine in 2022 [...]

The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]

Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants. [...]

Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled following a recent security breach. [...]

Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing, and information technology organizations likely for espionage purposes. [...]

UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a statement calling social media platforms to up their protections against data scrapers. [...]

MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models. [...]

Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. [...]