Salesloft Drift security incident started with undetected GitHub access
Salesloft pinned the root cause of the Drift supply-chain attacks to a threat group gaining access to its GitHub account as far back as March,…
Category: Cyberscoop
Supreme Court blocks FTC commissioner Slaughter’s reinstatement
Rebecca Slaughter’s return-to-work orders have been put on hold for the second time this year, after the U.S. Supreme Court stepped in to block a…
NYU team behind AI-powered malware dubbed ‘PromptLock’
Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a…
Sitecore zero-day vulnerability springs up from exposed machine key
An attacker exploited a zero-day vulnerability in Sitecore stemming from a misconfiguration of public ASP.NET machine keys that customers implemented based on the vendor’s documentation,…
AI can help track an ever-growing body of vulnerabilities, CISA official says
Artificial intelligence could be a key tool for helping organizations keep track of an ever-expanding catalog of identified software flaws, a top official at the…
Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities
Streameast, the most popular and largest illicit live sports streaming network, was shut down following a coordinated law enforcement action conducted by Egyptian authorities last…
Cato Networks acquires AI security startup Aim Security
Israeli cybersecurity company Cato Networks has acquired AI security startup Aim Security in its first ever acquisition, reflecting the broader industry rush to address security…
CISA guide seeks a unified approach to software ‘ingredients lists’
Compiling an “ingredients list” for software can help organizations reduce cyber risks, avoid fines and save time, among other benefits, a Cybersecurity and Infrastructure Security…
House panel approves cyber information sharing, grant legislation as expiration deadlines loom
A House panel advanced legislation Wednesday that would reauthorize a major cyber threat information sharing law and a big-dollar state and local cyber grant program…
Google patches two Android zero-days, 120 defects total in September security update
Google warned that two actively exploited zero-day vulnerabilities affecting Android devices have been patched in its September security update, which addresses 120 software defects total. …
FTC announces settlement with toy robot makers that tracked location of children
The Federal Trade Commission announced a settlement Tuesday with a Chinese robot toy manufacturer, following an investigation that charged the company with illegally collecting the…
Court rules ‘fired’ FTC commissioners be reinstated — again
For the second time, a court has ruled that President Donald Trump’s attempted firing of Federal Trade Commission members Rebecca Slaughter and Alvaro Bedoya was…