Cyber News 60

GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped…

Cyber Insight

YubiKey Side-Channel Attack

There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack,…

Cyber Insight

Using Transparency & Sharing to Defend Critical Infrastructure

No organization can single-handedly defend against sophisticated attacks. Governments and private sector entities need to collaborate, share information, and develop…

Cyber Insight

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security…

Cyber Insight

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated…

Cyber Insight

Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity

Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are…

Cyber Insight

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully…

Cyber Insight

What is the Shared Fate Model?

New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared…

Cyber Insights

Breaking

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Microsoft Power Pages Leak Millions of Private Records

2 Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Microsoft Power Pages Leak Millions of Private Records

Be Mindful of Social Media Privacy

Twitter CEO’s account hacked via SIM-card swap attack

No one is immune to phishing attack

Password – the Gate of Hell of the Digital Age

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Microsoft Power Pages Leak Millions of Private Records

GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

YubiKey Side-Channel Attack

Using Transparency & Sharing to Defend Critical Infrastructure

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

What is the Shared Fate Model?

You Missed

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Microsoft Power Pages Leak Millions of Private Records