A China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.

The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys — even quantum-resistant ones.

Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.

In this Tech Tip, we outline how to check whether a system is impacted by the newly discovered backdoor in the open source xz compression utility.

A federal review board demanded that the tech giant prioritize its "inadequate" security posture, putting the blame solely on the company for last year's Microsoft 365 breach that allowed China's Storm-0558 to hack the email accounts of key government officials.

The National Vulnerability Database can't keep up, and the agency is calling for a public-private partnership to manage it going forward.

A majority of enterprises that employ cloud-based email spam filtering services are potentially at risk, thanks to a rampant tendency to misconfigure them.

Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.

Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities.

Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day.

To meet changing privacy regulations, regularly review data storage strategies, secure access to external networks, and deploy data plane security techniques.

It's critical for security teams to stay vigilant not only when it comes to major security issues, but also with minor lags in security best practice.

A global proactive and collaborative approach to cybersecurity, not just in public/private partnerships, is key to fighting back against increasingly professional ransomware gangs.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.