Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy…
‘Sleepy Pickle’ Exploit Subtly Poisons ML Models
A model can be perfectly innocent, yet still dangerous if the means by which it's packed and unpacked are tainted.
Scattered Spider hackers switch focus to cloud apps for data theft
The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines.…
AWS adds passkeys support, warns root users must enable MFA
Amazon Web Services (AWS) has introduced FIDO2 passkeys as a new method for multi-factor authentication (MFA) to enhance account security…
Ockam and Redpanda Partner to Launch Zero-Trust Streaming Data Platform
PRESS RELEASE SAN FRANCISCO, May 31, 2024 /PRNewswire/ — Today, Ockam teamed up with Redpanda to launch Redpanda Connect with Ockam: the first...
Data of 560 million Ticketmaster customers for sale after alleged breach
A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million…
Hacker defaces spyware app’s site, dumps database and source code
A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in…
Bitbucket artifact files can leak plaintext authentication secrets
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. [...]
Critical Fluent Bit flaw impacts all major cloud providers
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud…
CISO Corner: What Cyber Labor Shortage?; Trouble Meeting SEC Disclosure Deadlines
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also…