Alerts have been issued by the OpenSSF and OpenJS Foundation following a recent credible takeover attempt on an OpenJS-hosted project involving suspicious emails urging immediate updates for JavaScript projects to address critical vulnerabilities.
Orca Security identifies a critical vulnerability, LeakyCLI, exposing sensitive credentials in major cloud providers’ command-line interfaces.
Pentera report reveals that 51% of organizations have experienced breaches due to lack of pentesting frequency and resource constraints.
Concerns raised about backlog of unanalyzed CVEs in NVD program, prompting open letter to US Secretary of Commerce and Congress.
Microsoft was the most impersonated brand in phishing attacks in Q1 2024, with a campaign using deceptive email subjects and sender identities to trick recipients into revealing sensitive information.
Russia tops the World Cybercrime Index with Ukraine and China following closely behind, with specific types of cybercrimes associated with different countries.
