Amadeus to buy French biometrics firm Idemia Public Security
Spanish travel technology firm Amadeus has announced a plan to acquire French biometrics company Idemia Public Security, which is owned by Advent International, for 1.2 billion…
Author: Cybernoz
Checkmarx Confirms Data Stolen in Supply Chain Attack
Checkmarx on Tuesday confirmed that last month’s supply chain attack targeting its KICS open source project also resulted in data theft. The compromise was a…
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure Pierluigi Paganini April 29, 2026 Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and…
Congress, industry ponder government posture for protecting data centers
The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the…
How To Keep Up With Security As AI Deployments Increase In Complexity And At Pace
By Tony Burnside, VP APJ, Netskope For Australian organisations, the conversation around AI security has shifted rapidly. It was only recently that copy-pasting sensitive corporate…
What it takes to win that CSO role
In announcing Hoak’s promotion at the time, RegScale CEO Travis Howerton noted, “The CISO role is often seen as a lifetime achievement award in this…
Lazarus Doesn’t Need AGI
Last week’s reporting on unauthorized access to Claude Mythos reads as an AI security story. It is also, structurally, a North Korea (DPRK) story. Even…
Critical Vulnerabilities: WS_FTP Exploitation | Huntress
On Thursday, September 28, 2023, software vendor Progress released a security advisory for numerous vulnerabilities affecting the WS_FTP Server Ad Hoc Transfer Module within their…
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers’ servers. Exploitation started in early February,…
SAP npm Packages Compromised to Harvest Developer and CI/CD Secrets
A new supply chain attack dubbed “mini Shai Hulud” has compromised four SAP-related npm packages by injecting malicious preinstall scripts that silently execute during dependency…
Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft
Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of…
New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks
Varonis Threat Labs has discovered a new phishing-as-a-service kit called Bluekit that is making it much easier for cyberattackers to bypass security, even when users…