The Other Lesson from the XZ Utils Supply-Chain Attack
“The best supply chain attack execution ever seen” might sound like yet another hyperbole designed to attract attention, except in…
Artificial Intelligence in 2024
Major Cyber Threats Powered by AI Many have embraced artificial intelligence as a new paradigm, with some even going so…
Unlocking the Power of Behavioral Cloud Native Threat Detection and Response
Behavioral detection and response is not a new concept, and the top three detection and response players command a combined…
Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices…
Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs
The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every…
Chinese hackers deploy new Macma macOS backdoor version
The Chinese hacking group tracked as 'Evasive Panda' was spotted using new versions of the Macma backdoor and the Nightdoor…
Wanted: A SBOM Standard to Rule Them All
A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security.
Kaspersky Is an Unacceptable Risk Threatening the Nation’s Cyber Defense
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nation-state adversaries.
Tech Giants Agree to Standardize AI Security
The Coalition for Secure AI is a consortium of influential AI companies aiming to develop tools to secure AI applications…
Notorious Chinese Hacker Gang GhostEmperor Re-Emerges After 2 Years
After an extended period underground, the Chinese hackers have added a more sophisticated infection chain and additional EDR evasion techniques.