Despite GitHub’s efforts to prevent repository hijacking, cybersecurity researchers continue finding new attack methods, and thousands of code packages and millions of users could be at risk. Repojacking is a repository hijacking method that involves renamed GitHub usernames. If a user renames their account, their old username can be registered by someone else, including malicious […]
The post Thousands of Code Packages Vulnerable to Repojacking Attacks appeared first on SecurityWeek.
British mesh fencing systems maker Zaun discloses LockBit ransomware attack potentially impacting data related to UK military and intelligence sites.
The post Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data appeared first on SecurityWeek.
Silk Security raised $12.5 million in seed funding and is on a mission to break down the silos between security and development with an integrated ‘find and fix’ platform.
The post Silk Security Emerges from Stealth With $12.5 Million Seed Funding appeared first on SecurityWeek.
ICS Patch Tuesday: Siemens and Schneider Electric have published more than a dozen advisories addressing over 200 vulnerabilities.
The post ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities appeared first on SecurityWeek.
Five Eyes agencies have issued joint cybersecurity guidance and best practices for smart cities.
The post Five Eyes Agencies Issue Cybersecurity Guidance for Smart Cities appeared first on SecurityWeek.
Cisco’s semiannual security updates for IOS and IOS XE software resolve high-severity DoS, command injection, and privilege escalation vulnerabilities.
The post Cisco Patches High-Severity Vulnerabilities in IOS Software appeared first on SecurityWeek.
Google has suspended the Chinese shopping app Pinduoduo on its app store after malware was discovered in versions of the app from other sources.
The post Google Suspends Chinese Shopping App Amid Security Concerns appeared first on SecurityWeek.
A new CISA pilot program to warn critical infrastructure organizations if their systems are unpatched against vulnerabilities exploited in ransomware attacks.
The post CISA Program Warns Critical Infrastructure Organizations Vulnerable to Ransomware Attacks appeared first on SecurityWeek.