Enterprise communication and collaboration platform Slack has informed customers that hackers have stolen some of its private source code repositories, but claims impact is limited.
Malware Delivered to PyTorch Users in Supply Chain Attack
Last week’s nightly builds of the open source machine learning framework PyTorch were injected with malware following a supply chain attack.
Now part of the Linux Foundation umbrella, PyTorch is based on the Torch library and is used for computer vision and natural language processing applications.
Netwrix Acquires Remediant for PAM Technology
Data security software vendor Netwrix has acquired Remediant, an early-stage startup working on technology in the PAM (privileged access management) category.
Financial terms of the acquisition were not disclosed.
Microsoft Patches Azure Cross-Tenant Data Access Flaw
Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.
LastPass Says Password Vault Data Stolen in Data Breach
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.
Okta Source Code Stolen by Hackers
Identity and access management solutions provider Okta this week informed customers that some of the company’s source code was stolen recently from its GitHub repositories.
Foxit Patches Code Execution Flaws in PDF Tools
Foxit Software has rolled out a critical-severity patch to cover a dangerous remote code execution flaw in its flagship PDF Reader and PDF Editor products.
US Food Companies Warned of BEC Attacks Stealing Food Product Shipments
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising the alarm about business email compromise (BEC) attacks leading to the theft of shipments of food products and ingredients.
GitHub Announces Free Secret Scanning, Mandatory 2FA
Microsoft-owned code hosting platform GitHub this week announced multiple security improvements, including free secret scanning for public repositories and mandatory two-factor authentication (2FA) for developers and contributors.
API Security Firm FireTail Raises $5 Million
API security startup FireTail this week announced that it has raised $5 million in an early-stage financing round led by Paladin Capital Group, with participation from General Advance, Secure Octane, Zscaler, and angel investors.












