EUVD-2025-16389

Malicious code in bioql PyPI...

EUVD-2025-15276

Malicious code in bioql PyPI...

EUVD-2025-15229

Malicious code in bioql PyPI...

EUVD-2025-15876

Malicious code in bioql PyPI...

EUVD-2022-32011

Malicious code in bioql PyPI...

EUVD-2025-15361

Malicious code in bioql PyPI...

EUVD-2025-15270

Malicious code in bioql PyPI...

EUVD-2025-18314

Malicious code in bioql PyPI...

EUVD-2025-15370

Malicious code in bioql PyPI...

EUVD-2025-15295

Malicious code in bioql PyPI...

EUVD-2025-15807

Malicious code in bioql PyPI...

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses SMBs are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain...

A week in security (April 3 - 9)

Last week on Malwarebytes Labs: TikTok: Whats going on and should I be worried? Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer Big changes to Twitter verification: How to spot a verified account New macOS malware steals sensitive info, including a user's entire Keychain...

What is the Essential Eight (And Why Non-Aussies Should Care)

In 2017, The Australian Cyber Security Center ACSC published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows...

Five Takeaways from FlexBooker’s Data Breach

A few weeks ago, an appointment scheduling solution, FlexBooker notified its customers that it had been breached. Imperva has no specific insider knowledge into how the breach unfolded, but we can learn a lot from FlexBooker’s data breach notification as well as additional related sources. In thi...

Types of Penetration Testing

If you are thinking about performing a penetration test on your organization, you might be interested in learning about the different types of tests available. With that knowledge, you'll be better equipped to define the scope for your project, hire the right expert and, ultimately, achieve your...

IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things IoT devices purchased and owned by the Federal government. The bill, called the...

Securing the International IoT Supply Chain

Together with Nate Kim former student and Trey Herr Atlantic Council Cyber Statecraft Initiative, I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? And our...

Can Governments Defeat Nation-State Attacks on Critical Infrastructures?

For physical conflicts, we expect our government to protect us from nation-state adversaries. It turns out, though, that industrial enterprises are much better positioned to defeat most nation-state attacks on power plants, pipelines, and other critical infrastructures than governments are. For...

ENFUSE 2019: Security Regulations, Insider Threats, and IoT Privacy Risks

LAS VEGAS – From insider threats, Internet of Things insecurity, to medical device hacking, ENFUSE 2019 broke down the top privacy and security issues help desks are seeing today. It also tackle what regulatory efforts are being developed to address those threats. Threatpost editor Lindsey...