Heroku is suffering a widespread outage that has lasted over six hours, preventing developers from logging into the platform and breaking website functionality. […]
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites.
“Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan
“Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan
AI is a data-breach time bomb, reveals new report
AI acts like Pac-Man—devouring sensitive data across clouds, apps, and copilots. Varonis analyzed 1,000 orgs and found 99% have exposed data AI can access, exposing them to data risks. […]
OpenAI working to fix ChatGPT outage affecting users worldwide
OpenAI is working to fix an ongoing outage impacting ChatGPT users worldwide and preventing them from accessing the chatbot on the web or via mobile and desktop apps. […]
Hackers Stole 300,000 Crash Reports From Texas Department of Transportation
The Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports.
The post Hackers Stole 300,000 Crash Reports From Texas Department of Transportation appeared first on SecurityWeek.
Swimlane Raises $45 Million for Security Automation Platform
Swimlane has raised $45 million in a growth funding round to fuel its global channel expansion and product innovation.
The post Swimlane Raises $45 Million for Security Automation Platform appeared first on SecurityWeek.
Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.
Five plead guilty to laundering $36 million stolen in investment scams
Five men from China, the United States, and Turkey pleaded guilty to their involvement in an international crime ring and laundering nearly $37 million stolen from U.S. victims in cryptocurrency investment scams carried out from Cambodia. […]
Critical Vulnerability Patched in SAP NetWeaver
SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges.
The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek.
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs — including application secrets, API keys, service accounts, and OAuth tokens — have exploded in recent years, thanks to an