darkreading

According to Mozilla, users have a lot more power to manipulate ChatGPT than they might realize. OpenAI hopes those manipulations remain within a clearly delineated sandbox.

In the future, the cybersecurity landscape likely will depend not only on the ability of federal workforces to protect their agencies but also on their capacity to continuously develop and sharpen those skills.

A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.

Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.

The proposed rules codify existing temporary directives requiring pipeline and railroad operators to report cyber incidents and create cyber-risk management plans.

Frenos offers a zero-impact, continuous security assessment platform for operational technology environments.

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

In addition to his prison sentence, he will have to pay more than $1 million in restitution to his victims.

As alerts pile up, the complexity can overwhelm security professionals, allowing real threats to be missed. This is where vendors must step up.

Cloud service providers are getting better at protecting data, pushing adversaries to develop new cloud ransomware scripts to target PHP applications, a new report says.

If the government truly wants to protect the US's most vital assets, it must rethink its cybersecurity policies and prioritize proactive, coordinated, and enforceable measures.

Less-experienced users of Microsoft's website building platform may not understand all the implications of the access controls in its low- or no-code environment.

APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending on the target.

The China-affiliated group is using the highly modular DeepData framework to target organizations in South Asia.

Among the top exploited zero-day vulnerabilities were bugs found in systems from Citrix and Cisco.

The consolidation folds Cybereason's endpoint detection and response (EDR) platform into Trustwave's managed security services offerings, such as managed detection and response (MDR).