Connect with us
Security researchers have identified multiple workflows in popular continuous integration and development (CI/CD) service GitHub Actions that are vulnerable to command execution. A research team from...
A pair of vulnerabilities in Google Cloud, DevSite, and Google Play could have allowed attackers to achieve cross-site scripting (XSS) attacks, opening the door to account...
The Federal Communications Commission (FCC) warned Americans of an increasing wave of SMS (Short Message Service) phishing attacks attempting to steal their personal information and money....
A threat actor associated with the LockBit 3.0 ransomware operation is abusing the Windows Defender command line tool to load Cobalt Strike beacons on compromised systems...
Threat actors have been adopting a less common method to generate revenue and are leveraging payloads to install proxyware services on target systems. Proxyware is a...
The LibreOffice suite has been updated to address several security vulnerabilities related to the execution of macros and the protection of passwords for web connections. The...
A North Korean-backed threat group tracked as Kimsuky is using a malicious browser extension to steal emails from Google Chrome or Microsoft Edge users reading their webmail. The...
Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file...
Kubernetes (K8s) is undoubtedly on the rise. According to the State of Cloud Development report by SlashData, this open-source container orchestration platform is already being used by 31...
https://player.vimeo.com/video/732082259?h=cc4c7f0eec&badge=0&autopause=0&player_id=0&app_id=58479&dnt=1 The legacy approach to attack surface management falls short of what modern organizations require: contextual awareness. Security teams increasingly suffer from threat intelligence sensory overload...
