Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.
The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek.
Google to purchase Wiz for $32 billion in cloud security play
Google has announced it entered into a definitive agreement to acquire Wiz, a leading cloud security platform, for $32 billion in an all-cash transaction. […]
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.
“This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
“This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
Critical AMI MegaRAC bug can let attackers hijack, brick servers
A new critical severity vulnerability found in American Megatrends International’s MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers. […]
Blockchain gaming platform WEMIX hacked to steal $6.1 million
Blockchain gaming platform WEMIX suffered a cyberattack last month, allowing threat actors to steal 8,654,860 WEMIX tokens, valued at approximately $6,100,000 at the time. […]
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017.
The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden
The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
Google is making the biggest ever acquisition in its history by purchasing cloud security company Wiz in an all-cash deal worth $32 billion.
“This acquisition represents an investment by Google Cloud to accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multicloud),” the tech giant said today.
It added the acquisition, which is
“This acquisition represents an investment by Google Cloud to accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multicloud),” the tech giant said today.
It added the acquisition, which is
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft
ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.
The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek.
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions.
The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity.
“A local or remote attacker can exploit the vulnerability by accessing the
The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity.
“A local or remote attacker can exploit the vulnerability by accessing the
Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash
Google has confirmed reports that it’s buying cloud security giant Wiz and says it’s prepared to pay $32 billion in cash.
The post Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash appeared first on SecurityWeek.