Your blog category
While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing’s research indicates that an astounding 99.7% of organizations… Read More »The Secrets of Hidden AI Training on Your Data
Did you know it’s now possible to build blockchain applications, known also as decentralized applications (or “dApps” for short) in native Python? Blockchain development has traditionally required learning specialized languages,… Read More »How to Use Python to Build Secure Blockchain Applications
Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques. The vulnerability, tracked as… Read More »Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability… Read More »Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application
A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia’s… Read More »Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability,… Read More »New MOVEit Transfer Vulnerability Under Active Exploitation – Patch ASAP!
Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue… Read More »Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping
The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several… Read More »Practical Guidance For Securing Your Software Supply Chain
Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021… Read More »Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to… Read More »New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites