• admin
• Backdoor
• Buys
• marzo 23, 2026
• 0 Comentarios

CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Ravie LakshmananMar 23, 2026Cybersecurity / Hacking Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many…

Continue reading

• admin
• Attack
• Attackers
• marzo 23, 2026
• 0 Comentarios

We Found Eight Attack Vectors Inside AWS Bedrock. Here’s What Attackers Can Do with Them

AWS Bedrock is Amazon’s platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That…

Continue reading

• admin
• Deploys
• Hits
• marzo 23, 2026
• 0 Comentarios

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Ravie LakshmananMar 23, 2026Email Security / Cloud Security Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver…

Continue reading

• admin
• Docker
• Hack
• marzo 23, 2026
• 0 Comentarios

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Ravie LakshmananMar 23, 2026Cloud Security / DevOps Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer…

Continue reading

• admin
• CVE202532975
• CVSS
• marzo 23, 2026
• 0 Comentarios

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Ravie LakshmananMar 23, 2026Vulnerability / Endpoint Security Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The…

Continue reading

• admin
• Attacks
• FBI
• marzo 21, 2026
• 0 Comentarios

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Ravie LakshmananMar 21, 2026Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications (CMAs) like WhatsApp and Signal to…

Continue reading

• admin
• Critical
• CVE202621992
• marzo 21, 2026
• 0 Comentarios

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to…

Continue reading

• admin
• Apple
• April
• marzo 21, 2026
• 0 Comentarios

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel Livewire to its…

Continue reading

• admin
• Attack
• CanisterWorm
• marzo 21, 2026
• 0 Comentarios

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led…

Continue reading

• admin
• Actions
• Breached
• marzo 20, 2026
• 0 Comentarios

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets. The…

Continue reading