Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio…
Cyber Security
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk…
The Data Behind Basketball’s Geographic Talent Pipeline
In this post, I will talk about the data behind basketball’s geographic talent pipeline. Every NBA and ABA superstar started…
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28’s attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to…
GlassWorm Malware Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections.
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into…
8-Minute Access: AI Accelerates Breach of AWS Environment
The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.
Dark Patterns Undermine Security One Click at a Time
People trust organizations to do the right thing, but websites’ and apps’ dark patterns pose a hidden threat that can…
Why Security is the Only Metric That Matters for Your VPS
In this post, I will talk about why security is the only metric that matters for your VPS. Data is…
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor…