Cybersecurity researchers have recently discovered two high severity vulnerabilities in JetBrains TeamCity On-Premises software. The software is described as a “powerful and user-friendly Continuous Integration and Deployment server”, that developers can use to build, check, and run automated tests on
Author: Sead Fadilpascaroni263
Most codebases contain a huge amount of open source vulnerabilities
The number of commercial codebases containing high-risk vulnerabilities integrated through open source components has increased dramatically year-on-year. A report from Synopsys found almost three-quarters (74%) contained vulnerabilities that are being actively exploited, have proof-of-concepts (PoC), or are classified as remote
American Express confirms customer details exposed — third-party data breach sees info leaked online
Some American Express card users may have had their sensitive data exposed to hackers, the company has confirmed. In a breach notification letter sent to affected customers, the credit card giant claimed it wasn’t American Express infrastructure that was breached,
Ivanti VPN security flaws are being attacked again by Chinese hackers
The recently discovered Ivanti VPN security flaws are still being abused, researchers have claimed – with Chinese hackers now taking advantage of the vulnerabilities to deploy all kinds of malware. Cybersecurity researchers from Google-owned Mandiant have claimed the Chinese group
AI models could be attacked, flawed by this Hugging Face security issue — security worries add to AI concerns
There is a way to abuse the Hugging Face Safetensors conversion tool to hijack AI models and mount supply chain attacks. This is according to security researchers from HiddenLayer, who discovered the flaw and published their findings last week, The
Most data breaches on enterprise attack the supply chain
The vast majority of data breaches happening in the enterprise occurred through the software and technology supply chain. This is according to a new research paper published by SecurityScorecard, which claims 75% of all third-party breaches targeted the software and
A massive new spam campaign is using some devious tricks — including spoofing some of the world’s biggest brands
Hackers have found a way to send spam emails that appear to hvae originated from trusted organizations, including some of the world’s biggest brands, in a new campaign that has been described as “massive”. The messages themselves are what you’d
One of the world’s largest steel makers has been hit by a cyberattack — and its automotive division had to shut down to contain it
Steel manufacturing giant ThyssenKrupp has confirmed that it suffered a cyberattack attack last week which forced parts of its IT infrastructure offline. Given the company’s position as one of the global leaders in steel production, the attack is bound to
Microsoft’s top new security tools wants to help keep your shiny new generative AI systems safe for good
Microsoft has unveiled a new security tool aimed at keeping generative AI tools secure, and safe to use. PyRIT, short for Python Risk Identification Toolkit for generative AI, will help developers respond to growing threats facing businesses of all sizes
Change Healthcare hit by major cyberattack — US health tech giant sees website taken offline, login pages unavailable
Change Healthcare has suffered a cyberattack which knocked some of its services offline and sent ripples throughout the healthcare industry. The company posted a short announcement on its status update website, saying a problem has been identified. “Some applications are