New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta.
The post New ‘Mistic’ RAT Opens Door to Several Ransomware Families appeared first on SecurityWeek.
Continue reading New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

The security defects allow unauthenticated users to take control of the open source software supply chain.
The post Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking appeared first on SecurityWeek.
Continue reading Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps

Attackers could abuse Dify’s multi-tenant cloud service to read private chats, preview other tenants’ documents, and reach internal APIs.
The post Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps appeared first on SecurityWeek.
Continue reading Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps