Flux RSS

— Sources secondaires

67articles RSS

1K+ cloud environments infected following Trivy supply chain attack

Vulnérabilités & PatchesThe Register Securityil y a 6 jours

Crims 'creating a snowball effect' across open source projects RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the open source scanners are working with notorious extortion crews like Lapsus$.…

LiteLLM loses game of Trivy pursuit, gets compromised

Vulnérabilités & PatchesThe Register Securityil y a 6 jours

Python interface for LLMs infected with malware via polluted CI/CD pipeline Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.…

HackerOne slams supplier for delayed breach notice after staff data exposed

Gouvernance & RégulationThe Register Securityil y a 6 jours

Nearly 300 employees caught up in intrusion at benefits provider Navia Almost 300 HackerOne employees are caught up in a data breach, with the bug bounty biz slamming a third-party benefits provider for a weeks-long delay in notification.…

Country that put backdoors into Cisco routers to spy on world bans foreign routers

Malware & RansomwareThe Register Securityil y a 6 jours

Unfortunately, there aren't many options unless you're Starlink Citing national security fears, America is effectively banning any new consumer-grade network routers made abroad.…

Russian initial access broker who fed ransomware crews gets 81 months in US prison

Malware & RansomwareThe Register Securityil y a 6 jours

Aleksei Volkov sentenced after enabling attacks that cost victims millions A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars.…

Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss

Outils & RechercheThe Register Securityil y a 7 jours

'It freakin' worked' says Rob Joyce - and shows how relentless AI agents can find holes humans miss RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce.…

Lightning-fast exploits make it essential to patch fast, ask questions later

Gouvernance & RégulationThe Register Securityil y a 7 jours

Here's where you ought to spend your security billable hours budget this year Strengthen your MFA policies, double-down on anti-phishing training, and for Jobs' sake, patch all your vulns right away. The past year of intelligence collected by Cisco's Talos threat hunters suggests that attackers are moving faster to exploit vulns, and fooling more staff than ever into giving up their credentials. …

Page 4 / 4

Precedent Suivant