Your blog category
A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been… Read More »Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps processes or degrading the developer experience. Today’s cyber threat landscape is… Read More »Five Core Tenets Of Highly Effective DevSecOps Practices
Cybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit that could be exploited to achieve denial-of-service (DoS), information disclosure, or remote… Read More »“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent Bit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaw,… Read More »NextGen Healthcare Mirth Connect Under Attack – CISA Issues Urgent Warning
An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice… Read More »Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel
Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT,… Read More »Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into… Read More »Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks
A “multi-faceted campaign” has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma… Read More »Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. “These… Read More »Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns
The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies.… Read More »Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam