SecurityWeek1h
In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired
Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber ...
SecurityWeek5h
Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.
SecurityWeek5h
Oracle Confirms Cloud Hack
Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident.
SecurityWeek22h
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild ...
SecurityWeek2h
State Bar of Texas Says Personal Information Stolen in Ransomware Attack
The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack.
SecurityWeek3h
US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations
US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations.
SecurityWeek5h
Critical Apache Parquet Vulnerability Leads to Remote Code Execution
A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise.
SecurityWeek23h
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data.