Majority of Critical Open Source Projects Contain Memory Unsafe Code
More than half (52%) of critical open source projects contain code written in a memory-unsafe language, according to a new...
Month: June 2024
US Charges Russian Individual for Pre-Invasion Ukraine Hack
The US Department of Justice (DoJ) has charged a Russian national, Amin Timovich Stigal, aged 22, for hacking into and...
Operation First Light Seizes $257m in Global Scam Bust
Police forces from 61 countries have joined forces to dismantle online scam networks through Operation First Light 2024. The operation, orchestrated...
CISOs Reveal Firms Prioritize Savings Over Long-Term Security
A third (33%) of security leaders believe companies often sacrifice long-term security for cost savings. The data comes from Bugcrowd’s...
Ticketek – 17,643,173 breached accounts
HIBP In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based...
CISA: CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)
CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs) Today, CISA released Barriers to Single...
CISA: CISA and Partners Release Guidance for Modern Approaches to Network Access Security
CISA and Partners Release Guidance for Modern Approaches to Network Access Security Today, CISA, in partnership with the Federal Bureau...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on June 20, 2024. These...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on June 18, 2024. These...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on June 25, 2024. These...
CISA: CISA and Partners Release Guidance for Exploring Memory Safety in Critical Open Source Projects
CISA and Partners Release Guidance for Exploring Memory Safety in Critical Open Source Projects Today, CISA, in partnership with the...
CISA: Juniper Networks Releases Security Bulletin for Juniper Secure Analytics
Juniper Networks Releases Security Bulletin for Juniper Secure Analytics Juniper Networks released a security bulletin to address multiple vulnerabilities affecting...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on June 27, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
HackerOne Bug Bounty Disclosure: subdomain-takeover-mil-martinvw
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:martinvwLink to Submitters Profile:https://hackerone.com/martinvw Report Title:Subdomain takeover milReport Link:https://hackerone.com/reports/2499178Date...
HackerOne Bug Bounty Disclosure: local-file-disclosure-on-the-hxxps-edu-leads-to-the-full-source-code-disclosure-and-credentials-leak-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:Local File Disclosure on...
HackerOne Bug Bounty Disclosure: idor-leading-unauthenticated-attacker-to-download-documents-discloses-pii-of-users-and-soldiers-via-hxxps-www-download-aspx-id-htus-berserker
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:berserker1999Link to Submitters Profile:https://hackerone.com/berserker1999 Report Title:IDOR leading unauthenticated attacker...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on June 27, 2024. These...
Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads
The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The...
Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code...
The Secrets of Hidden AI Training on Your Data
While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your...
How to Use Python to Build Secure Blockchain Applications
Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in...
Mitigating Skeleton Key, a new type of generative AI jailbreak technique
In generative AI, jailbreaks, also known as direct prompt injection attacks, are malicious user inputs that attempt to circumvent an...
