SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Apr 04, 2025Ravie LakshmananVulnerability / Open Source, The cascading supply chain attack that initially targeted Coinbase before becoming more widespread...
Have We Reached a Distroless Tipping Point?
There's a virtuous cycle in technology that pushes the boundaries of what's being built and how it's being used. A...
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Apr 04, 2025Ravie LakshmananMalware / Vulnerability Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure...
OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers
Apr 04, 2025Ravie LakshmananThreat Intelligence / Malware A novice cybercrime actor has been observed leveraging the services of a Russian...
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Apr 04, 2025Ravie LakshmananCritical Infrastructure / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less...
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apr 04, 2025Ravie LakshmananVulnerability / Cloud Security A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library...
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns...
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job...
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
Apr 03, 2025The Hacker News The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But...
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security...
