Hackers abuse Google Ads to spread malware in legit software
Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.…
Thousands of Citrix servers vulnerable to patched critical flaws
Thousands of Citrix ADC and Gateway deployments remain vulnerable to two critical-severity security issues that the vendor fixed in recent months.…
Why Attackers Target GitHub, and How You Can Secure It
The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.
Internet AppSec Remains Abysmal & Requires Sustained Action in 2023
A variety of initiatives — such as memory-safe languages and software bills of materials — promise more secure applications, but…
Fraud Prevention Tips for Online Businesses
Well-implemented fraud prevention measures can ensure your business thrives today and is future proof for tomorrow. By Patrick […] The…
Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes…
Ghost CMS vulnerable to critical authentication bypass flaw
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing…
What Kind of Data Gets Stolen When a Developer is Compromised?
What is the worst that can happen when a developer's machine is compromised? Depending on the developer's position, attackers gain…
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then…
Supply Chain Risks Got You Down? Keep Calm and Get Strategic!
Security leaders must maintain an effective cybersecurity strategy to help filter some of the noise on new vulnerabilities.