JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens
JetBrains warned customers to patch a critical vulnerability that impacts users of its IntelliJ integrated development environment (IDE) apps and…
Exploit for critical Veeam auth bypass available, patch now
A proof-of-concept (PoC) exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making…
New York Times source code stolen using exposed GitHub token
Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being…
What Individuals Get Wrong About Business Email Compromise
Businesses tend to obsess over business email compromise. This obsession is misguided. Observations from the front lines of combating business…
Microsoft spots gift card thieves using cyber-espionage tactics
Microsoft has published a "Cyber Signals" report sharing new information about the hacking group Storm-0539 and a sharp rise in…
FBI warns of gift card fraud ring targeting retail companies
The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in…
Billions of Android Devices Open to ‘Dirty Stream’ Attack
Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have…
Cisco Duo’s Multifactor Authentication Service Breached
A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against…
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense,…
CISA orders agencies impacted by Microsoft hack to mitigate risks
CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple…