Researchers detail a CI/CD attack leading to PyTorch releases compromise via GitHub Actions self-hosted runners.
The post New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise appeared first on SecurityWeek.
Mandiant Details How Its X Account Was Hacked
Mandiant’s X account was hacked as a result of a brute force attack as part of a cryptocurrency scheme that earned at least $900k.
The post Mandiant Details How Its X Account Was Hacked appeared first on SecurityWeek.
Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion
This acquisition is expected to double HPE’s networking business and expand its portfolio with AI-native networking offerings.
The post Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion appeared first on SecurityWeek.
Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines
Hackers can take complete control of Bosch Rexroth nutrunners, installing ransomware or altering settings to cause financial impact and brand damage.
The post Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines appeared first on SecurityWeek.
Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved
In a landmark case that blurs the lines between cyber and kinetic warfare, Merck reached a settlement with insurers over a $1.4 billion claim stemming from the NotPetya malware attack.
The post Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved appeared first on SecurityWeek.
RIPE Account Hacking Leads to Major Internet Outage at Orange Spain
Orange Spain’s internet went down for several hours after its RIPE account was hacked, likely after malware stole the credentials.
The post RIPE Account Hacking Leads to Major Internet Outage at Orange Spain appeared first on SecurityWeek.
Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack
Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions.
The post Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack appeared first on SecurityWeek.
States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities
The hacking of a municipal water plant is prompting new warnings from U.S. security officials at a time when governments are wrestling with how to harden water utilities against cyberattacks.
The post States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities appeared first on SecurityWeek.
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070.
The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones
iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices.
The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek.
