Where Advanced Cyberttackers Are Heading Next Disruptive Hits New Tech
Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say.
Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developers pipeline,
One Year After Log4Shell Most Firms Are Still Exposed to Attack
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters
IBM Cloud Supply Chain Vulnerability Showcases New Threat Class
The Hells Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose
Phylum Expands Its Software Supply Chain Security Capabilities Introduces Automated Vulnerability Reachability
Know what you need to fix today and what you don’t.
Data Security Concerns Are Driving Changes in US Consumer Behavior and Demands
As consumers catch on to the dangers, protection could become a major topic for legislative
Nvidia GPU Driver Bugs Threaten Device Takeover More
If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and
Google TAG Warns on Emerging Heliconia Exploit Framework for RCE
The framework has ties back to a Spanish exploit broker called Variston IT, and offers
Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE
Red Hat has issued patches for a bug in an open source Java virtual machine
New Exploit Broker on the Scene Pays Premium for Signal App ZeroDays
Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers