News about security failures, exploits and vulnerabilities in systems
Today we see how software security is hit with social engineering and organized crime economy: researchers have discovered a burst of malicious packages published in the npm recor…
Days ago, security researchers have unveiled a campaign that mixes lateral motion techniques in cloud-native environments with a deliberately destructive payload oriented towards …
The software supply chain again tested one of its most dangerous cracks: Trivy, the Aqua Security vulnerability scanner known and massively used by developers and security equipme…
Varonis has launched the Varonis Atlas market, a platform that aims to become the safety layer that will accompany the wave of artificial intelligence tools within the companies. …
Amazon Bedrock has opened a huge door for companies to integrate advanced language models into their processes: it allows models not only to answer questions, but also to consult …
The recent FBI alert on the use of Telegram as a command and control infrastructure by Iranian actors again shows something that cyber security experts have been warning for years…
Software development security has once again been the focus of attention after a new wave of supply chain-oriented attacks: stranded versions of the Trivy vulnerability scanner, d…
Recently, the U.S. Infrastructure and Cybersecurity Agency (CISA) gave the order to federal agencies to urgently park three iOS vulnerabilities that were being exploited in campai…
Just a few days ago the community of developers and security teams received a disturbing news: the popular security scanner Trivy was used as a vector in a supply chain attack. Re…
