North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool – a high-risk development, especially in light of Pyongyang hackers’ recent track record of supply chain hacks. Researchers at Microsoft said Wednesday that North Korean nation-state threat actors tracked as Diamond Sleet and Onyx Sleet […]
After combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm. Researchers came to this conclusion based on the 2022 data, specifically these three trends: Attack growth In […]
All of Azure DevOps REST APIs are now getting granular Personal Access Tokens (PAT). The goal of the change, which was met with glee in the cybersecurity community, is to minimize the potential damage of a leaked PAT credential. Announcing the news via an Azure DevOps blogpost, product manager Barry Wolfson said that prior to […]
Latest Comments