tokens
-
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud…
Read More » -
15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. “More…
Read More » -
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be exploited by…
Read More » -
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
More details have emerged about a malicious Telegram bot called Telekopye that’s used by threat actors to pull off large-scale…
Read More » -
AI Solutions Are the New Shadow IT
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI…
Read More » -
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be…
Read More » -
CI/CD Risks: Protecting Your Software Development Pipelines
Have you heard about Dependabot? If not, just ask any developer around you, and they’ll likely rave about how it…
Read More » -
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a…
Read More » -
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio,…
Read More »