Application securityHackers leak their own operations through exposed Telegram Bot API tokensLaura FrenchAugust 21, 2024Location history, contacts and customer data of the Styx Stealer MaaS operator were uncovered by researchers.
RansomwareMicrochip Technology’s production affected by ransomware attackShaun NicholsAugust 21, 2024Microchip Technology said in an SEC filing that it was hit with a ransomware attack that will impact some of its production facilities.
Application security‘ALBeast’ load balancer flaw may affect 15,000 Amazon Web Services appsSteve ZurierAugust 21, 2024Miggo researchers said the AWS bug was caused by two factors: a missing token validation and a misconfigured security groups notification.
RansomwareRansomware on track for record profits, even as fewer victims payLaura FrenchAugust 20, 2024A mid-year report found ransom payment prices have increased drastically among big game hunters.
Vulnerability ManagementIran election meddling brings call to action in USShaun NicholsAugust 20, 2024Government officials in the U.S. are sounding the alarm over new reports of election meddling by Iran.
Cloud SecurityTLS bootstrap attack gains access to Azure Kubernetes Services clusterSteve ZurierAugust 20, 2024While Microsoft has patched the issue, security pros warn that teams need to audit their AKS clusters.
Network SecurityTP-Link finds itself in congressional crosshairs over ties to ChinaShaun NicholsAugust 19, 2024Networking vendor TP-Link has found itself under scrutiny from Congress over its links to the Chinese government.
Vulnerability ManagementCritical Jenkins vulnerability added to CISA’s known vulnerabilities catalogLaura FrenchAugust 19, 2024The RCE vulnerability was leveraged in ransomware attacks targeting Indian banks.
Application securityBugs in Microsoft apps for macOS could give privileges to attackersSteve ZurierAugust 19, 2024Security pros say the flaws in six apps for macOS could let attackers take over cameras, microphones and screen recordings.
AI/MLChanges to controversial California AI safety bill fail to satisfy criticsLaura FrenchAugust 16, 2024Critics said the bill, meant to prevent mass AI-related casualties and cyberattacks, will crush AI open-source and innovation.
Time to finally get serious about stopping the attacks on the healthcare supply chainToby Gouker August 21, 2024