You might be interested in …

[HackerNews] Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines

All posts, HackerNews

A case of software supply chain attack has been observed in the Rust programming language’s crate registry that leveraged typosquatting techniques to publish a rogue library containing malware. Cybersecurity firm SentinelOne dubbed the attack “CrateDepression.” Typosquatting attacks take place when an adversary mimics the name of a popular package on a public registry in hopes that developers […]

[SANS ISC] Emptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet?, (Mon, Apr 4th)

All posts, Sans-ISC

[This post was created with help from Jesse La Grew, one of our SANS.edu undergraduate student interns] In November, an accountant working for a construction company received an innocent enough-looking email: An update on the terms to submit bills to a local county. Seeing the email, the accountant clicked on the link and quickly downloaded […]

[SecurityWeek] XSS Vulnerability in Cisco Security Products Exploited in the Wild

All posts, Security Week

A cross-site scripting (XSS) vulnerability patched last year in Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has reportedly been exploited in the wild.
