15 year-old flaw in a default python module introduces supply chain vulnerability to over 350,000 open source projects and the applications that use them, including SDKs, AI/ML, security, management, and developer tools.
Optus disclosed a cyber attack that compromised the personal data of up to 10 million Australians with a threat actor initially demanding $1 million and several sources suggesting human error as the cause.
Hackers gained access to sensitive personal information of American Airlines’ customers and employees in a data breach linked to a phishing campaign that led to the unauthorized access of employee mailboxes.
Study on security priorities found that 90% of IT and security decision-makers believed their organizations failed to address cybersecurity risks.
Study found that four of ten employees engaged in risky online behavior to avoid the stress caused by complex authentication requirements. Login challenges forced employees to cross the line between work and personal life.
A data breach of the third largest storage space provider and popular moving company, U-Haul, exposed sensitive customer data in the contractual information of 2.2 million users over five months.
The Department of Education, FBI, and DHS CISA responded to a cyber attack and confirmed a ransomware incident on the second-largest school district, Los Angeles School District (LAUSD), over the Labor Day Weekend.
A credential stuffing attack on American outdoor apparel company, The North Face, compromised nearly 200,000 accounts just two years after a similar incident.
Russian hackers affiliated with the Killnet group executed a DDoS cyber attack that rendered 20 Japanese government websites inaccessible, including a tax and an e-Government portal.
CISA published an insight document for critical infrastructure organizations to prepare for the transition to new post-quantum cryptography standards that NIST will announce soon.