Over a billion records belonging to CVS Health exposed online
The exposure is another example of misconfiguration that can impact security. Read more from the Source
Introducing SLSA, an End-to-End Framework for Supply Chain Integrity
Posted Kim Lewandowski, Google Open Source Security Team & Mark Lodato, Binary Authorization for Borg Team Supply chain integrity attacks—unauthorized modifications to software packages—have been on the rise in the…
Cross-Site Request Forgery Patched in WP Fluent Forms
On March 2, 2021, the Wordfence Threat Intelligence team responsibly disclosed a Cross-Site Request Forgery(CSRF) vulnerability in WP Fluent Forms, a WordPress plugin installed on over 80,000 sites. This vulnerability…
Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks
Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. As…