New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures
As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges,…
Distroless Builds Are Now SLSA 2
Posted by Priya Wadhwa and Appu Goundan, Google Open Source Security Team A few months ago we announced that we started signing all distroless images with cosign, which allows users…
This cryptocurrency miner is exploiting the new Confluence remote code execution bug
It didn’t take long for CVE-2021-26084 to be added to exploit kits. Read more from the Source
Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation
Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that’s involved in selling phishing kits and email templates as well as providing hosting and automated services at a…