US feds stress urgent MOVEit platform patching after attacks hit agencies
In the latest cyber incident affecting the US federal government, two arms of the US Department of Energy (DOE) and,…
2023
New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and…
GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845
This post delves into a very impactful JWT Authentication Bypass vulnerability (CVE-2023-30845) found in ESP-v2, an open-source service proxy that…
EU member states are urged to restrict without delay 5G equipment from risky suppliers
The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei…
Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems
Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple…
This Week’s Toy News Is a Cautionary Tale About Messing With Genetics
Welcome back to Toy Aisle, io9's regular round up of the coolest toy and merchandise around. This week, NECA gets…
New Stealer Malware on the Rise: Mystic Stealer
Mystic Stealer is an information-stealing malware that first emerged on hacking forums on April 2023. The stealer gets more and…
Name That Toon: Time to Spare?
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices,…
Generative AI Has Its Risks, But the Sky Isn’t Falling
The threat organizations face with GenAI is not new, but it could speed how quickly private data reaches a wider…