PyPI Mandates 2FA, Plans Google Titan Key Giveaway
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication.
Paladin Cloud Launches New Cloud Security and Governance Platform
The new open source security-as-code platform will help developers and security teams automatically detect security policy violations across the organization's…
Hackers can unlock Honda cars remotely in Rolling-PWN attacks
A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows…
PyPI mandates 2FA for critical projects, developer pushes back
On Friday, the Python Package Index (PyPI), repository of open source Python projects announced plans to rollout two factor authentication for…
Mitigate Risk by Securing Third Party Software and Environments
Software Security Requires Ongoing Vigilance Against New and Evolving Vulnerabilities By Tim Kenney, Chief Operating Officer, SOOS Businesses […] The…
Security advisory accidentally exposes vulnerable systems
A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over…
Free smartphone stalkerware detection tool gets dedicated hub
Kaspersky has launched a new information hub to help with their open-source stalkerware detection tool named TinyCheck, created in 2019…
New YTStealer malware steals accounts from YouTube Creators
A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack…
Android malware ‘Revive’ impersonates BBVA bank’s 2FA app
A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA…
Clever phishing method bypasses MFA using Microsoft WebView2 apps
A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass…