A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player supply chain... Read more »

A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The... Read more »

Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of... Read more »

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the... Read more »

Fortinet announced FortiAppSec Cloud, a new cloud-delivered platform that integrates key web application security and performance management tools into a single offering. The platform streamlines web and API security,... Read more »

AttackIQ announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience. A growing need for efficient and accurate threat... Read more »

Veeam Software released Veeam Data Platform v12.3. This release encompasses three key objectives for enterprises: protecting identity and access management with support for backing up Microsoft Entra ID, powering... Read more »

Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include... Read more »

Veza announced Veza Access Requests product, enabling organizations to reduce the risk of identity-based threats with automated access policy intelligence for application access. Veza Access Requests ensures that users... Read more »