In two separate intrusions, attackers exploited a ColdFusion vulnerability (CVE-2023-26360) to compromise an unnamed federal government agency.
New AI guidelines authored by CISA and the UK's NCSC stress the importance of secure design, development, deployment, and operation of AI models and tools.
A key European Union Parliament committee has rejected proposed language that would allow for mass scanning of encrypted messages.
U.S. authorities warn that cooperative efforts between state-sponsored actors and cybercrime groups make life more difficult for defenders and law enforcement.
The newly discovered threat group compromises companies and then moves laterally on the network, exfiltrating data, logging keystrokes and more along the way.