News Blog
[ad_1] Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project. “The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different…
[ad_1] Mar 14, 2024NewsroomContainer Security / Vulnerability Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security…
[ad_1] Feb 07, 2024NewsroomCybersecurity / Software Security JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of…