AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive…
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of…
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed…
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been…
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Jun 05, 2025Ravie LakshmananBrowser Security / Online Safety Cybersecurity researchers have flagged…
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Apr 08, 2025Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details…
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have…
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory…