Tag: software
-
Novo Nordisk Breach Highlights Software Development Pipeline Risk
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/novo-nordisk-breach-exposes-dev-pipeline-risk
-
Squidbleed: 29 Jahre alte Lücke in populärer Proxy-Software entdeckt
Seit 1997 klafft in der Proxy-Software Squid eine Lücke, mit der sich HTTP-Traffic abgreifen lässt. Drei Jahrzehnte später hat eine KI sie gefunden. First seen on golem.de Jump to article: www.golem.de/news/squidbleed-29-jahre-alte-luecke-in-populaerer-proxy-software-entdeckt-2606-210022.html
-
Squidbleed: 29 Jahre alte Lücke in populärer Proxy-Software entdeckt
Seit 1997 klafft in der Proxy-Software Squid eine Lücke, mit der sich HTTP-Traffic abgreifen lässt. Drei Jahrzehnte später hat eine KI sie gefunden. First seen on golem.de Jump to article: www.golem.de/news/squidbleed-29-jahre-alte-luecke-in-populaerer-proxy-software-entdeckt-2606-210022.html
-
Squidbleed: 29 Jahre alte Lücke in populärer Proxy-Software entdeckt
Seit 1997 klafft in der Proxy-Software Squid eine Lücke, mit der sich HTTP-Traffic abgreifen lässt. Drei Jahrzehnte später hat eine KI sie gefunden. First seen on golem.de Jump to article: www.golem.de/news/squidbleed-29-jahre-alte-luecke-in-populaerer-proxy-software-entdeckt-2606-210022.html
-
The systemd 261 release brings a software TPM, new OS installer
Linux distributions that ship systemd as their init system now have a new version to track. The systemd 261 update adds a cloud metadata subsystem, carries process state … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/22/systemd-261-released/
-
From PGP to Mythos: a brief history of export controls that didn’t stop anyone
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It’s unclear why it would work now with Anthropic’s cybersecurity model Mythos. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/19/encryption-spyware-and-now-mythos-history-shows-why-cyber-export-control-doesnt-work/
-
Encryption, spyware, and now Mythos: History shows why cyber export control doesn’t work
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It’s unclear why it would work now with Anthropic’s cybersecurity model Mythos. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/19/encryption-spyware-and-now-mythos-history-shows-why-cyber-export-control-doesnt-work/
-
Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware
A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/19/fake-github-stars-crypto-stealing-malware/
-
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips.That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use.This is…
-
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips.That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use.This is…
-
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026.To that end, organizations will be unable to connect to Salesforce via the app until further notice, the American cloud-based software company noted in an alert published…
-
CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack
Security researchers and software vendors warn that attackers are actively exploiting vulnerabilities in both Joomla and the LiteSpeed cPanel plugin, posing significant risks to website administrators and shared hosting environments. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-48907-joomla-jce-litespeed-cpanel/
-
Addressing Quantum Readiness in Healthcare Security
Healthcare organizations should prepare for post-quantum cryptography without overreacting to hype, said John Frushour, CISO of New York-Presbyterian Hospital. Stronger encryption standards, commercial software support and attention to medical devices can help providers manage emerging risks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/addressing-quantum-readiness-in-healthcare-security-i-5551
-
Novo Nordisk Breach Exposes Software Development Pipeline Risk
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/novo-nordisk-breach-exposes-dev-pipeline-risk
-
Tor-Based Clipper Malware Targets Wallet Seed Phrases
USB .lnk malware steals crypto via clipboard hijack, replaces wallet addresses, steals seed phrases, and screenshots. Microsoft Threat Intelligence has been tracking a clipboard-stealing malware (Clipper) campaign since February 2026 that targets cryptocurrency wallets. A clipper is a type of malicious software that monitors and manipulates your clipboard, the temporary memory where data is stored…
-
How software development’s speed obsession enabled TeamPCP’s chaos crusade
The threat group’s remarkable success targeting open-source software was inevitable and fueled by the industry’s decision to prioritize code shipping over security. First seen on cyberscoop.com Jump to article: cyberscoop.com/teampcp-breaks-open-source-software-trust-model/
-
Accenture shells out $4.18B on three companies in big industrial cybersecurity push
The consulting giant’s majority stake in Dragos, along with the purchase runZero and NetRise, marks its first major push into operational technology software as AI-driven threats to critical infrastructure intensify. First seen on cyberscoop.com Jump to article: cyberscoop.com/accenture-industrial-cybersecurity-acquisition-dragos-netrise-runzero/
-
Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coalition behind … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/law-enforcement-socgholish-operation-endgame/
-
145 Mastra npm Packages Compromised via Hijacked Contributor Account
As many as 145 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from Endor Labs, JFrog, OX Security, SafeDep, Socket, StepSecurity, and Synk.”A single npm account (…
-
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM interface. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/scripting-the-disassembler/
-
GentleKiller targets more than 400 security processes across 48 products
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/eset-gentlemen-edr-killers/
-
What happens to oversight when AI agents write a lab’s own code
Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/research-ai-coding-agent-oversight/
-
Homebrew tightens tap security, begins work on its interface
Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/homebrew-6-0-0-released/
-
Most agentic AI projects in production have stalled over data problems
Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/report-agentic-ai-in-production/
-
SpaceX Bets Big on AI Coding With $60B Cursor Deal
Cursor Engineers Gain Access to Colossus for Large-Scale Model Training. SpaceX has agreed to acquire Cursor parent Anysphere for $60 billion in an all-stock transaction, combining one of the fastest-growing AI coding platforms with massive computing infrastructure to accelerate development of frontier AI models and autonomous software engineering agents. First seen on govinfosecurity.com Jump to…
-
SpaceX Bets Big on AI Coding With $60B Cursor Deal
Cursor Engineers Gain Access to Colossus for Large-Scale Model Training. SpaceX has agreed to acquire Cursor parent Anysphere for $60 billion in an all-stock transaction, combining one of the fastest-growing AI coding platforms with massive computing infrastructure to accelerate development of frontier AI models and autonomous software engineering agents. First seen on govinfosecurity.com Jump to…
-
SpaceX Bets Big on AI Coding With $60B Cursor Deal
Cursor Engineers Gain Access to Colossus for Large-Scale Model Training. SpaceX has agreed to acquire Cursor parent Anysphere for $60 billion in an all-stock transaction, combining one of the fastest-growing AI coding platforms with massive computing infrastructure to accelerate development of frontier AI models and autonomous software engineering agents. First seen on govinfosecurity.com Jump to…
-
Why Account Takeovers Are Rising and How to Stop Them
Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-account-takeovers-are-rising-and-how-to-stop-them/
-
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
A large-scale software supply chain attack has compromised more than 140 npm packages under the widely used Mastra namespace, exposing developers, CI/CD pipelines, and enterprise environments to a stealthy cross-platform infostealer. The campaign, uncovered by the Socket Research Team on June 17, 2026, leveraged a typosquatting dependency, easy-day-js, to silently deliver malicious payloads during package…
-
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
A large-scale software supply chain attack has compromised more than 140 npm packages under the widely used Mastra namespace, exposing developers, CI/CD pipelines, and enterprise environments to a stealthy cross-platform infostealer. The campaign, uncovered by the Socket Research Team on June 17, 2026, leveraged a typosquatting dependency, easy-day-js, to silently deliver malicious payloads during package…

