AI coding assistants can hallucinate package names, creating phantom dependencies that don’t exist in official repositories. Attackers exploit this predictable behavior through slopsquatting, which ...
After all the hype in December last year, threat actors appear to have lost interest in exploiting the Log4Shell vulnerability, as both Sophos and the SANS Internet Storm Center are reporting ...
Here is a monthly review of API-related attack stories, with Cloudflare, Docker, Trello or Twilio’s SendGrid among the victims. Cloudflare experienced a data breach as part of the Okta supply-chain ...
"When you have these broad zero-day events that impact many industries ... that's where things like SBOM come into play," Jennifer Morovitz said. Morovitz: The number of vulnerabilities just increases ...
Microsoft has issued a warning that cybercriminals are using an outdated web server in widespread internet of things (IoT) devices to attack enterprises in the energy industry. Based on a recent ...
Iranian government-backed hackers have allegedly compromised an unnamed federal agency for months, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI announced today. The advanced ...
A new cyber espionage campaign launched by North Korea has been uncovered by security researchers – and the primary targets are energy companies in the US, Canada, and Japan. Cisco Talos reported that ...
In 2021, the number of serious network vulnerabilities dropped almost 10% from the previous year, a new report found. Sounds good, right? But, across the same period, actual network attacks jumped 15% ...
The security agencies of the US, Australia, Canada, the UK and New Zealand have published a definitive list of the most exploited vulnerabilities of 2021, topped by Log4Shell. “The NCSC and our allies ...