exploit
-
Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold…
Read More » -
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to…
Read More » -
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part…
Read More » -
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these…
Read More » -
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus…
Read More » -
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped…
Read More » -
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully…
Read More » -
NIST Cybersecurity Framework (CSF) and CTEM – Better Together
It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created…
Read More »