Solar Spider Spins Up New Malware to Entrap Saudi Arabian Financial Firms
An ongoing cyberattack campaign with apparent ties to China uses a new version of sophisticated JavaScript remote access Trojan JSOutProx…
April 2024
Critical Bugs Put Hugging Face AI Platform in a ‘Pickle’
One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via…
Panera Bread Fuels Ransomware Suspicions With Silence
The restaurant chain hasn't provided any information regarding what led to a widespread IT outage, and customers and employees are…
CISO Corner: Ivanti’s Mea Culpa; World Cup Hack; CISOs & Cyber Awareness
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also…
Magecart Attackers Pioneer Persistent E-Commerce Backdoor
The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.
How Do We Integrate LLMs Security Into Application Development?
Large language models require rethinking how to bake security into the software development process earlier.
White House’s Call for Memory Safety Brings Challenges, Changes & Costs
Improving security in the applications that drive the digital economy is a necessary undertaking, requiring ongoing collaboration between the public…
Reconsider Your CNAPP Strategy Using These 5 Scenarios
Cloud-native application protection platforms (CNAPPs) sidestep siloed security and embed security into the earliest stages of application development.
SEXi Ransomware Desires VMware Hypervisors in Ongoing Campaign
A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks,…
Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed
So far this year, Ivanti has disclosed a total of 10 flaws — many of them critical — in its…