Infoblox has unveiled Hazy Hawk, a new cybersecurity threat that has been exploiting abandoned cloud resources (including S3 and Azure) and gaps in DNS since December 2023. Understanding their methods is crucial for protecting your organization and users. Cybersecurity analysts at Infoblox Threat Intelligence have disclosed significant findings regarding a…
Security Vulnerability Discovered in ElizaOS: A Potential Threat to User Interaction Recent research has unveiled a critical vulnerability in ElizaOS, a framework designed for multi-user interaction through natural language processing. The architecture’s reliance on shared contextual inputs among users raises significant security concerns. Researchers warn that a single manipulation by…
A hacker group claiming ties to Anonymous has reportedly breached GlobalX Airlines, leading to the release of sensitive flight and passenger data associated with controversial deportation flights. GlobalX Airlines, a US charter airline contracted by the government for deportation operations, has found itself the target of a cyber attack by…
The cybersecurity landscape is increasingly becoming a focal point for nation-state actors. George Barnes, a former deputy director at the National Security Agency (NSA), emphasizes this, highlighting the potential threats posed by Russian intelligence agencies to open-source software, specifically mentioning the library easyjson. With 36 years of experience at the…
A 25-year-old man from Santa Clarita, California, has agreed to plead guilty to a significant cybersecurity breach involving unauthorized access to the personal computer of a Walt Disney Company employee. This incident, which occurred last year, has raised serious concerns regarding data security at one of the largest entertainment conglomerates…
Large-Scale Ransomware Campaign Targets AWS Users with Stolen Access Keys A significant ransomware campaign has come to light, exploiting over 1,200 compromised Amazon Web Services (AWS) access keys to target users of AWS S3 buckets, a widely used cloud storage solution. Researchers from Cybernews reported this alarming trend, revealing that…
Advanced SOC Operations / CSOC, Next-Generation Technologies & Secure Development, Security Operations Exaforce Unveils AI-Driven Automation to Enhance Security Operations for Enterprises Michael Novinson (@MichaelNovinson) • April 17, 2025 Ankur Singla, CEO of Exaforce (Image: Exaforce) A startup, launched by a former leader at F5 Networks’ security division, has successfully…
GitHub Security Alert: Malicious Code Discovered in Popular Action Affecting Thousands of Repositories A significant security vulnerability has been identified in the GitHub Action ‘tj-actions/changed-files,’ which has implications for over 23,000 repositories. This issue was brought to light by StepSecurity’s CI/CD security solution, Harden-Runner, drawing attention to the potential risks…
3rd Party Risk Management: Governance & Risk Management Over 23,000 Code Repositories Compromised Following Malicious Code Injection into GitHub Actions By Mathew J. Schwartz (euroinfosec) March 17, 2025 In a significant cybersecurity incident, attackers have compromised a popular tool integral to software development on GitHub, potentially exposing sensitive information from…
