Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit […]
_ArtemisDiana_Alamy.jpg)
How Democratized Development Creates a Security Nightmare
No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems. […]
Palo Alto Networks Begins Unified Security Rollout
Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation platform. ​The original article found […]
_Zoonar_GmbH_Alamy.jpg)
Experts Optimistic About Secure by Design Progress
Secure by Design is an important step to reduce the number of vulnerabilities present originally, but is it progressing fast enough? According to security experts […]
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
The malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and […]
Morphing Meerkat PhaaS Using DNS Reconnaissance To Generate Phishing Pages Based on Target
Morphing Meerkat, a sophisticated Phishing-as-a-Service (PhaaS) platform first identified in 2020, has evolved from a simple tool capable of mimicking five email services to a […]
OpenSSL 3.5.0 Released with Support for Post-Quantum Cryptography
The OpenSSL Project has officially released version 3.5.0 of its widely used cryptographic library, marking a significant milestone with the integration of post-quantum cryptography (PQC) […]
NIST Will Mark All CVEs Published Before 01/01/2018 as ‘Deferred’
The National Institute of Standards and Technology (NIST) announced on April 2, 2025, that all Common Vulnerabilities and Exposures (CVEs) with a published date prior […]
Oracle Confirms that Hackers Broke Systems & Stole Client Login CredentialsÂ
Oracle Corp. has privately confirmed to customers that a threat actor breached a computer system and exfiltrated old client login credentials. This acknowledgment comes after […]
.webp)
Threat Actors May Leverage CI/CD Environments to Gain Access To Restricted Resources
Cybersecurity experts have observed a concerning trend where sophisticated threat actors are increasingly targeting Continuous Integration/Continuous Deployment (CI/CD) pipelines to gain unauthorized access to sensitive […]