Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Mar 24, 2025Ravie LakshmananVulnerability / Cloud Security A set of five critical…
Mastering the Shared Responsibility Model
Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental…
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have…
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Mar 12, 2025Ravie LakshmananCloud Security / Vulnerability Threat intelligence firm GreyNoise is…
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
Mar 05, 2025Ravie LakshmananNetwork Security / Data Breach The China-lined threat actor…
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Mar 04, 2025Ravie LakshmananVulnerability / Cloud Security Broadcom has released security updates…
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
Mar 03, 2025Ravie LakshmananCloud Security / Email Security Threat actors are targeting…
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs) has been found…
Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations
Feb 21, 2025Ravie LakshmananSurveillance / Content Monitoring An analysis of a data…