New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries
New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some…
How DevSecOps Empowers Citizen Developers
DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments.
More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem
As cryptocurrency valuations make strikes less lucrative, ransomware gangs like the new RedAlert and Monster groups are modifying their tools…
Former NYC Mayor Bill de Blasio lands fall semester fellow gigs at Harvard
Former New York Mayor Bill de Blasio will be a fall semester visiting fellow at the Institute of Politics at…
Fox News Power Rankings: GOP House majority shrinks as Democrats score key victories
Fox News Power Rankings expect Republicans to win the House with 220-248 seats. The number of seats depends on how…
A Modern Cybersecurity Fight Requires a Modern Approach to Regulatory Oversight
By Charlie Moskowitz, Vice President, Policy and Public Sector at SecurityScorecard Cybercriminals never stop. Often they are supported, […] The…
China’s APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload
The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks…
5 Russia-Linked Groups Target Ukraine in Cyberwar
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted…
Malicious PyPi packages turn Discord into password-stealing malware
A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor…