CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.

Confluent, Inc. (CFLT): A bull case theory

We came across a bullish thesis on Confluent, Inc. on Outperforming the Market’s Substack by Simple Investing. In this ...
TechBooky

What “Continuous” Actually Means in Modern AppSec

In the software development world, "continuous" is a heavy lifter. We have Continuous Integration (CI), Continuous Deployment ...
CSO Online

Threat actors hijack web traffic after exploiting React2Shell vulnerability: Report

Hijacking web traffic is an old tactic for threat actors. In fact David Shipley, head of Canadian security awareness training ...
Intelligent CIOOpinion

Agentic Attacks demand Agentic Defenses: Here’s where Asia Pacific security teams should start

Security teams in Asia Pacific must respond in kind. Red teams and defensive practitioners need AI agents that can tap into ...