Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

With global cyber threats escalating and budget cuts looming, CISA needs a Senate-confirmed director. It’s time to confirm Sean Plankey.

The global campaign marks the second series of multiple actively exploited zero-day vulnerabilities in Cisco edge technology since last spring. The similarities don’t end there.

The high-severity vulnerability is under active exploitation and affects many versions of MongoDB, a nearly ubiquitous open-source database.

Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE…

Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly.

The attacks, which have impacted dozens of organizations, date back at least three years, lasting an average of 393 days. And that’s just what’s been uncovered in…

The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread…

Researchers say the nation-state attacker could cause more serious problems with the BIG-IP source code it nabbed during the attack on F5’s systems.

Each day without reauthorization erodes the trust, coordination, and shared visibility that have underpinned the resilience of America’s most critical systems.