Cybersecurity
-
Critical Bugs in Chaos Mesh Enable Cluster Takeover
Source: Dark ReadingRead more: Critical Bugs in Chaos Mesh Enable Cluster TakeoverA set of vulnerabilities known as ‘Chaotic Deputy’ has been identified in the chaos engineering platform widely used for testing…
-
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages
Source: Dark ReadingRead more: Self-Replicating ‘Shai-hulud’ Worm Targets NPM PackagesA new self-replicating worm, dubbed Shai-Hulud, has been discovered infecting numerous open source NPM packages. This worm is capable of…
-
Update your Apple devices to fix dozens of vulnerabilities
Source: Malware BytesRead more: Update your Apple devices to fix dozens of vulnerabilitiesApple has issued security updates across all its platforms to address numerous vulnerabilities. These flaws could potentially allow cybercriminals to…
-
Vane Viper’ Threat Group Tied to PropellerAds, Commercial Entities
Source: Dark ReadingRead more: Vane Viper’ Threat Group Tied to PropellerAds, Commercial EntitiesResearchers have linked the Vane Viper threat group to a large-scale cybercrime operation utilizing the PropellerAds adtech platform. This connection…
-
Check Point acquires AI security firm Lakera in push for enterprise AI protection
Source: CyberScoopRead more: Check Point acquires AI security firm Lakera in push for enterprise AI protectionCheck Point has announced the acquisition of AI security company Lakera as part of its strategy to enhance enterprise AI…
-
Google nukes 224 Android malware apps behind massive ad fraud campaign
Source: BleepingComputerRead more: Google nukes 224 Android malware apps behind massive ad fraud campaignGoogle has removed 224 malicious Android applications that were part of a large-scale ad fraud scheme known as ‘SlopAds.’ These…
-
Self-propagating supply chain attack hits 187 npm packages
Source: BleepingComputerRead more: Self-propagating supply chain attack hits 187 npm packagesA significant supply chain attack named ‘Shai-Hulud’ has compromised at least 187 npm packages. It began with the @ctrl/tinycolor package…
-
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Source: The Hacker NewsRead more: Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster TakeoverResearchers have identified multiple critical security flaws in Chaos Mesh, which could enable attackers to seize control of Kubernetes clusters.…
-
Why You Need Phishing Resistant Authentication NOW., (Tue, Sep 16th)
Source: SANS Internet Storm CenterRead more: Why You Need Phishing Resistant Authentication NOW., (Tue, Sep 16th)Recent phishing incidents are compromising NPM developer accounts, affecting even the most security-conscious users. These attacks highlight the effectiveness of…
-
No More Blind Spots: Achieving Complete SDLC Visibility in a Multi-Cloud World
Source: Tenable ResearchRead more: No More Blind Spots: Achieving Complete SDLC Visibility in a Multi-Cloud WorldTenable’s unified cloud security solution addresses the challenges of fragmented multi-cloud environments by providing complete visibility and control. It aims…