Zero-Day Breach at Rackspace Sparks Vendor Blame Game

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.
The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek.

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems.

Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads

Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.
The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek.

Judge Dismisses Major SEC Charges Against SolarWinds and CISO 

A judge dismissed the SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
The post Judge Dismisses Major SEC Charges Against SolarWinds and CISO appeared first on Securi…

GitLab Ships Update for Critical Pipeline Execution Vulnerability

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.
The post GitLab Ships Update for Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.
The post Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity appeared first on SecurityWeek.

Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report

Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7’s 2024 Attack Intelligence Report suggests that this will change.

ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks

Evolving critical infrastructure risks, ransomware, supply chain exploitation, commercial spyware and AI were the top trends, the office reported.

The post ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks appeared first on CyberScoop.