A threat actor is using AlienFox to harvest API keys and secrets from cloud service providers, including AWS Simple Email Service, Google Workspace and Microsoft Office 365.

The company's CISO said a bundled library contains an executable file, and urges network defenders to uninstall the desktop client.

In the Security News: Turning traffic lights green with the flipperzero (and a bunch of other hardware), suspending AV and EDR, Test signing mode, Linux control freaks, hacking the Apple Studio Disaply, Intel;s attack surface reduction claim, the truth about TikTok that everyone is missing, just stop developing AI, but only for 6 months, anyone can...

How to get into reversing embedded firmware? Can the planet really be hacked? We'll go over a couple of fun exploitation examples, see what mistakes were made and maybe what could have been done better to make these devices tougher to break into. Segment Resources: Voip phone hacking: Blog: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a...

Twitter, Tax Scams, Microsoft, Executive Orders, Pwn2Own, French Bans, and more on this edition of the Security Weekly News.

Security researchers say shift by IcedID to ransomware shows that threat actors are always evolving and it’s dangerous to typecast them.

In the Security News: Windows MSI tomfoolery, curl turns 8...point owe, who doesn't need a 7" laptop, glitching the ESP, your image really isn't redacted or cropped, brute forcing pins, SSRF and Lightsail, reversing D-Link firmware for the win, ICMP RCE OMG (but not really), update your Pixel and Samsung, hacking ATMs in 2023, breaking down Fortine...

We sit down with Nico Waisman to discuss vulnerability research and other security-related topics!

Dr. Doug talks: The Tang Dynasty, ZippyShare, NuGet, PinDuoDuo, Ernie, Lantern, HDD hard drives, and more on this edition of the Security Weekly News!

Akamai researchers say the HinataBot botnet has been active for the first three months on 2023, but has exploited vulnerabilities from as far back as 2014.