Network SecurityUpdate delays to NIST vulnerability database alarms researchersCrucial enrichment data is not being added to NVD entries as NIST works through a “transition” process.
Application securityAkamai offers POC and Open Policy Agent to block Kubernetes bugVulnerability allows remote code execution with System privileges on all Windows endpoints within a Kubernetes cluster.
API securityInternational data breaches conducted by Chinese APTNearly 120 organizations across 45 countries have been subjected to attacks by Chinese advanced persistent threat operation Earth Krahang.
IdentityRedLine malware top credential stealer of last 6 monthsRedLine was used to steal over 170 million passwords in the last six months, or nearly half of all stolen passwords.
API securityMarch Patch Tuesday: Microsoft fixes two critical Hyper-V flawsThe software giant urged users to prioritize patching the RCE and DoS vulnerabilities but said neither had been actively exploited.
Critical Infrastructure SecurityUS’s Volt Typhoon crackdown continuesOrganizations impacted by Volt Typhoon are still being identified and while some Volt Typhoon intrusions have been discovered through artificial intelligence.
Network SecurityBianLian ransomware crew exploiting bugs in JetBrains’ TeamCity platformKnown for its adaptability, the threat group is once again taking advantage of recent vulnerabilities organizations may not have patched yet.
Network SecurityQNAP fixes three bugs on NAS devices, one critical authentication flawThe critical flaw is an authentication bug could let users compromise the security of the system.
Threat IntelligenceAviation sector, e-commerce platforms face separate cyber threatsOrganizations in the aviation and aerospace industries have been subjected to mounting cyberattacks amid ongoing geopolitical tensions.
Network SecurityJetBrains TeamCity critical flaw exploited; 1.4k servers compromisedAttackers are creating hundreds of admin accounts, with a high potential for supply chain attacks.