New HTTP Request Smuggling Attacks Target Web Browsers
Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.
10 Malicious Code Packages Slither into PyPI Registry
The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute…
Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST
A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and…
35,000 code repos not hacked—but clones flood GitHub to serve malware
Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...]
Thousands of Mobile Apps Leaking Twitter API Keys
New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.
AWS Focuses on Identity Access Management at re:Inforce
Identity and access management was front and center at AWS re:inforce this week.
Amazon Adds Malware Detection to GuardDuty TDR Service
The new GuardDuty Malware Protection and Amazon Detective were among 10 products and services unveiled at AWS re:Inforce in Boston…
Hacking group ‘8220’ grows cloud botnet to more than 30,000 hosts
A cryptomining gang known as 8220 Gang has been exploiting Linux and cloud app vulnerabilities to grow their botnet to…
CyberRatings.org Issues AAA Rating on Forcepoint’s Cloud Network Firewall
Forcepoint's test results are second in a series of publications on this new technology.
What Do All of Those Cloud Cybersecurity Acronyms Mean?
Acronyms serve as a gatekeeper — if you don't sling the lingo, you don't belong. So here's a quick guide…