With the onset of AI tools, developers are building APIs 200% faster, making it impossible for security teams to secure them at the rate of development. Join StackHawk's Joni Klippert and Scott Gerlach to discuss this growing security problem and why source-code level API discovery is critical to un
BreachRx automatically generates tailored incident response plans and provides targeted guidance to relevant stakeholders through every step of the process.
AWS ChatBot Vulnerability
13 days ago
AWS ChatBot is an AWS service that's designed to be used with messaging services (Teams, Slack, etc.) to monitor and respond to AWS events. The service can be configured using a Channel Role which will give all members of the channel the same permissions without requiring AWS credentials. If this is
FBI Cryptocurrency Scheme
13 days ago
The FBI created its own cryptocurrency to catch fraudsters in a global scheme that involved manipulation and wash trades. The fraud involved creating a false market signal to inflate prices and profit from selling assets. Several individuals have been charged in the crypto fraud case across multiple
AI Girlfriend Site Breach
13 days ago
A hacker stole a database of users' interactions with AI chatbots from the Muah.ai site.
Ecovacs Robovac Hacking Incident
13 days ago
Ecovacs' Deebot X2 Omni robotic vacuums were hacked across US cities, with attackers using them to harass pets and owners with racist slurs. Ecovacs identified a credential stuffing event and blocked the IP address, but found no evidence of stolen user credentials.
Fidelity Investments has disclosed a data breach that resulted from a third party accessing information from its systems between August 17 and August 19 using two customer accounts that they created. The breached data includes customers' social security numbers and driver's licenses.
Innovative Security Solutions
13 days ago
This blog covers the latest research on password security, with new compelling ideas, unexpected discoveries, and questions for future exploration.
Zendesk Vulnerability Exploited
13 days ago
This 15-year-old bug hunter discovered a critical Zendesk vulnerability that affected Fortune 500 companies. The bug exploited weak email validation in Zendesk's ticket system, allowing attackers to spoof emails and access sensitive support conversations.
Mitigating Attack Vectors in GitHub Workflows
13 days ago
A comprehensive guide from OpenSSF on various GitHub Workflows vulnerabilities and their mitigations. It introduces the OpenSSF scorecard CLI tool and GitHub Action, which can be used to check for these vulnerabilities in a GitHub Workflow.
A small app that makes it easy to administrate simple firewall configurations.
AWS ChatBot Security Issue
13 days ago
AWS ChatBot is an AWS service that's designed to be used with messaging services to monitor and respond to AWS events. The service can be configured using a Channel Role which will give all members of the channel the same permissions without requiring AWS credentials.
FBI Cryptocurrency Creation
13 days ago
The FBI created its own cryptocurrency to catch fraudsters in a global scheme that involved manipulation and wash trades. Several individuals have been charged in the crypto fraud case across multiple countries.
EU Cyber Resilience Act Adoption
13 days ago
The EU has officially adopted the Cyber Resilience Act, which introduces cybersecurity requirements for products with digital elements.
OpenAI ChatGPT Malware Development
13 days ago
OpenAI confirms cyber threat actors are using ChatGPT to develop malware and enhance offensive operations.
POKÉMON DEVELOPER GAME FREAK REPORTEDLY HACKED, STOLEN DATA ON UNANNOUNCED GAMES AS WELL AS NINTENDO SWITCH 2 CODENAME LEAKED ONLINE (4 MINUTE READ)
13 days ago
Game Freak has confirmed that a data breach affecting 2,606 employees' information occurred in August. Earlier reports suggested the leaked data included codenames for future Pokémon games, Nintendo Switch 2, and other confidential information.
HACKERS TOOK OVER ROBOVACS TO CHASE PETS AND YELL SLURS (2 MINUTE READ)
13 days ago
Ecovacs' Deebot X2 Omni robotic vacuums were hacked across US cities, with attackers using them to harass pets and owners with racist slurs. Ecovacs identified a credential stuffing event and blocked the IP address, but found no evidence of stolen user credentials.
FIDELITY SAYS DATA BREACH EXPOSED PERSONAL DATA OF 77K CUSTOMERS (2 MINUTE READ)
13 days ago
Fidelity Investments has disclosed a data breach that resulted from a third party accessing information from its systems between August 17 and August 19 using two customer accounts that they created. According to data breach filings, the attacker was able to access customer data by making fraudulent
CFO PLAYBOOK: MASTERING METRICS AND MANAGING BOARDS (6 MINUTE READ)
13 days ago
To drive success, CFOs must identify and track key performance indicators (KPIs) that truly matter to their business, evolving these metrics as the company grows. Effective CFOs also build strong relationships with their boards, presenting metrics in a clear and persuasive manner to drive productive