Even the most advanced systems like Cloudflare can fall victim to software issues and become a global point of failure, Dr. David Utzke argues, adding […]
Category: Cyber Security News
Deja Vu: Salesforce Customers Hacked Again, Via Gainsight
In a repeat of similar attacks during the summer, threat actors affiliated with the ShinyHunters extortion group used a third-party application to steal organizations’ Salesforce […]
LINE Messaging Bugs Open Asian Users to Cyber Espionage
In a potential gift to geopolitical adversaries, the encrypted messaging app uses a leaky custom protocol that allows message replays, impersonation attacks, and sensitive information […]
Hack the Hackers: 6 Laws for Staying Ahead of the Attackers
A new security framework responds to a shift in attackers’ tactics, one that allows them to infiltrate enterprises ‘silently’ through their own policies. ​The original […]
From code to boardroom: A GenAI GRC approach to supply chain risk
I know the pressure chief information security officers face right now. We spent years hardening our own perimeter, then a few more managing the third-party […]
ENISA becomes CVE Program Root, strengthening Europe’s vulnerability management framework
The European Union Agency for Cybersecurity (ENISA) has been officially designated as a Program Root in the global Common Vulnerabilities and Exposures (CVE) Program. It […]
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, […]
With AI Reshaping Entry-Level Cyber, What Happens to the Security Talent Pipeline?
Automation is rewriting early-career cybersecurity work, raising urgent questions about how the next generation of security professionals will gain real-world expertise. ​The original article found […]
Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Gain Higher Privileges
Microsoft disclosed a critical authentication bypass vulnerability in Azure Bastion, its managed remote access service, enabling attackers to escalate privileges to administrative levels with a […]
Xillen Stealer: Advanced Features Bypass AI Detection and Steal Password Manager Data
The Python-based information-stealing tool Xillen Stealer has reached versions 4 and 5, significantly expanding its targeting capabilities and functionality across platforms. Documented initially by Cyfirma […]