The Breach News

ASUS Addresses Remote Code Execution Vulnerabilities in DriverHub Exploitable via HTTP and Custom .ini Files

ASUS has announced critical updates to mitigate two significant security vulnerabilities found in ASUS DriverHub. These flaws, if successfully exploited, could allow an attacker to achieve remote code execution, putting users at considerable risk. DriverHub is a utility designed to automatically identify a computer’s motherboard model and facilitate the installation…

North Korean APT43 Group Exploits Cybercrime to Finance Espionage Activities

A newly identified North Korean cyber operator has been linked to multiple campaigns aimed at gathering intelligence strategically aligned with Pyongyang’s geopolitical goals. Since 2018, this group, tracked by Google-affiliated Mandiant as APT43, has pursued both espionage and financial gain, employing techniques such as credential harvesting and social engineering to…

Pentagon Investigates Microsoft’s Employment of Chinese Coders

Cloud Security, Government, Industry Specific

U.S. Defense Department Halts and Reviews Microsoft’s ‘Digital Escorts’ Program

Chris Riotta (@chrisriotta) • August 29, 2025

The U.S. Department of Defense (DoD) has launched a review of Microsoft’s employment of Chinese nationals to assist in coding for military cloud infrastructure. This…

Whistleblower’s Resignation Email at SSA Mysteriously Vanishes from Inboxes

On Friday, Chuck Borges, the chief data officer of the Social Security Administration (SSA), reported that he was forcibly removed from his position after submitting a whistleblower complaint. This complaint alleged serious mishandling of sensitive data within the agency. According to multiple SSA sources, this email was shortly retracted from…

The Alarming Rise of Non-Human Identities: A New Frontier in Security Vulnerabilities

Apr 09, 2025
Secrets Management / DevOps

The 2025 GitGuardian State of Secrets Sprawl report highlights the critical issue of secrets exposure in contemporary software environments. A key driver of this concern is the explosive growth of non-human identities (NHIs), which have consistently outnumbered human users for several years. It’s imperative that we proactively implement security measures and governance for these machine identities, as their ongoing deployment poses unprecedented security risks.

In 2024 alone, a staggering 23.77 million new secrets were leaked on GitHub—a 25% increase from the previous year. This dramatic surge underscores how the rapid proliferation of NHIs, including service accounts, microservices, and AI agents, is significantly expanding the attack surface for cyber threats.

The NHI Security Challenge

Within DevOps environments, non-human identity secrets, such as API keys and service accounts, now surpass human identities by a ratio of at least 45-to-1, fundamentally altering the security landscape.

Surge in Non-Human Identities Uncovers Significant Security Risks

April 9, 2025

In a striking revelation, GitGuardian’s 2025 State of Secrets Sprawl report has illuminated the concerning growth of secrets exposure within contemporary software landscapes. Central to this issue is the rapid proliferation of non-human identities (NHIs), which have increasingly outstripped…

Google Gmail Data Breach: Identifying a Hack and What Steps to Take – MSN

Google Gmail Data Breach: Indicators of a Security Compromise and Recommended Actions

In a recent cybersecurity incident, Google Gmail accounts have been targeted in a significant data breach, raising alarms for users and businesses alike. The breach potentially affects a wide range of users, particularly those reliant on Gmail for…

China-Linked APTs Target 581 Critical Systems Worldwide Using SAP Vulnerability CVE-2025-31324

May 13, 2025
Vulnerability / Threat Intelligence

A newly identified critical security vulnerability in SAP NetWeaver is being exploited by several nation-state actors linked to China to infiltrate vital infrastructure networks. “Threat actors are taking advantage of CVE-2025-31324, an unauthenticated file upload vulnerability that allows for remote code execution (RCE),” stated EclecticIQ researcher Arda Büyükkaya in a recent analysis. Targets include natural gas distribution, water and waste management utilities in the UK, medical device manufacturing facilities, oil and gas companies in the U.S., and investment and financial regulation ministries in Saudi Arabia. This assessment is based on a publicly accessible directory found on compromised attacker-controlled infrastructure (15.204.56[.]106), which contained event logs detailing activities across numerous breached systems.

China-Affiliated APTs Target 581 Critical Systems via SAP CVE-2025-31324 Exploit

May 13, 2025
Vulnerability / Threat Intelligence

A newly revealed severe security vulnerability in SAP NetWeaver is being actively exploited by various state-sponsored actors with links to China, posing significant risks to critical infrastructure networks globally. Researchers, including EclecticIQ’s Arda…

Researchers Uncover Serious “Super FabriXss” Vulnerability in Microsoft Azure Service Fabric Explorer

March 30, 2023
Cloud Security / Vulnerability

A recently revealed vulnerability in Azure Service Fabric Explorer (SFX) poses a significant risk of unauthenticated remote code execution. Identified as CVE-2023-23383 (CVSS score: 8.2) and coined “Super FabriXss” by Orca Security, this issue draws its name from a prior vulnerability, FabriXss (CVE-2022-35829, CVSS score: 6.2), which Microsoft addressed in October 2022. Security researcher Lidor Ben Shitrit reported that the Super FabriXss vulnerability allows remote attackers to exploit an XSS flaw to execute code on containers running on Service Fabric nodes without requiring authentication. XSS, or cross-site scripting, is a type of client-side injection attack in which malicious scripts are injected into trusted websites and execute in the browser whenever a user visits the compromised site, resulting in harmful outcomes.

Researchers Uncover Critical “Super FabriXss” Vulnerability in Microsoft Azure SFX

On March 30, 2023, detailed findings were released concerning a critical vulnerability within Azure Service Fabric Explorer (SFX), which has since been patched. This vulnerability, designated as CVE-2023-23383 and assigned a CVSS score of 8.2, has been dubbed “Super FabriXss”…

Gartner Magic Quadrant for Firewall Solutions: Palo Alto, Fortinet, and Check Point

AI-Powered Cloud Next-Generation Firewalls, Network Firewalls, Network Access Control, Security Operations

Cisco Gains Recognition While HPE Juniper Emerges as a Challenger in New Hybrid Mesh Firewall Rankings

Michael Novinson (MichaelNovinson) • August 29, 2025

The initial Magic Quadrant for hybrid mesh firewalls from Gartner has identified industry leaders, with Palo…
