Google: Zero-Day Attacks Surged in 2023

Google reported that 97 flaws were exploited in the wild in 2023, up 50 percent from the number of zero-day attacks recorded in 2022.

Decipher Podcast: Jack Cable

Jack Cable, senior technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA), talks about his past experiences with bug bounty programs, CISA’s Secure By Design initiative and its efforts to help secure the open-source software ecosystem.

Critical Fortinet Flaw Now Actively Exploited

Fortinet earlier this month disclosed and issued a patch for the flaw (CVE-2023-48788), which exists in FortiClientEMS, its central management solution for endpoints.

U.S. Sanctions, Indicts Alleged Members of Chinese APT31

The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven people alleged to part of China's APT31 threat group.

APT29 Phishing Attack Targets German Political Parties

Researchers observed APT29 using phishing emails in order to target German political parties with a new backdoor variant in late February.