Polyfill Attack

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies Jul 05, 2024NewsroomSupply Chain Attack / Malware The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the Read more…

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows – CVE-2024-29745 – An information disclosure flaw in the bootloader component Read more…

Sea Turtle Cyber Espionage Campaign

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies Jan 06, 2024NewsroomCyber Espionage / Supply Chain Attack Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus Read more…

Spear-Phishing Attacks

Cloud Atlas’ Spear-Phishing Attacks Target Russian Agro and Research Companies

Cloud Atlas’ Spear-Phishing Attacks Target Russian Agro and Research Companies Dec 25, 2023NewsroomCyber Espionage / Malware The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a Read more…

Kubernetes Secrets

Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories

Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories Nov 24, 2023NewsroomCloud security / Data Protection Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Read more…

ServiceNow Data Exposure

A Wake-Up Call for Companies

A Wake-Up Call for Companies Oct 30, 2023The Hacker NewsSaaS Security / Data Security Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in “unintended access” to sensitive data. For organizations that use ServiceNow, this security exposure is a critical concern that could Read more…