The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors. ​The original article found on […]
Author: cyberbytes
150,000 Packages Flood NPM Registry in Token Farming Campaign
A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol. ​The original article found […]
Hardened Containers Look to Eliminate Common Source of Vulnerabilities
A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down to address the issue. […]
Shadow Program Gives AWS Exec New Security Lens
Sara Duffer highlights the top lessons she brought back to her security role following three years in Amazon’s shadow program. ​The original article found on […]
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. […]
Identity Governance and Administration, App Proliferation, and the App Integration Chasm
Most enterprises use more than 1,000 apps, according to ESG research, yet about half are integrated with IGA. Industry innovations enable teams to expand app […]
Keeper Security Unveils Secure Secrets Management in Visual Studio Code
Keeper Security has announced the launch of its Visual Studio Code (VS Code) extension, extending its enterprise-grade secrets management directly into developers’ coding environments. The […]
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps […]
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch […]
Arista, Palo Alto bolster AI data center security
Arista Networks and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center. The new framework […]