GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845
This post delves into a very impactful JWT Authentication Bypass vulnerability (CVE-2023-30845) found in ESP-v2, an open-source service proxy that…
June 2023
EU member states are urged to restrict without delay 5G equipment from risky suppliers
The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei…
Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems
Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple…
This Week’s Toy News Is a Cautionary Tale About Messing With Genetics
Welcome back to Toy Aisle, io9's regular round up of the coolest toy and merchandise around. This week, NECA gets…
New Stealer Malware on the Rise: Mystic Stealer
Mystic Stealer is an information-stealing malware that first emerged on hacking forums on April 2023. The stealer gets more and…
Name That Toon: Time to Spare?
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices,…
Generative AI Has Its Risks, But the Sky Isn’t Falling
The threat organizations face with GenAI is not new, but it could speed how quickly private data reaches a wider…
US Investors Sniffing Around Blacklisted NSO Group Assets
Pressure mounts on the NSO Group's business viability as Khashoggi widow joins group of plaintiffs suing the Israeli firm for…
Decoding Identity and Access Management For Organizations and Consumers
Workforce IAM and consumer IAM are not interchangeable — they serve different purposes and constituencies.