News

GitHub users targeted with dangerous malware attacks - here's what we know
GitHub is being weaponized as malware infrastructure, report warns Emmenhtal and Amadey are part of a coordinated, ...
VentureBeat8mon
What Okta’s failures say about the future of identity security in ...
2025 needs to be the year identity providers go all in on improving every aspect of software quality and security, including red teaming.
Bleeping Computer3mon
Recent GitHub supply chain attack traced to leaked SpotBugs token
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise ...
ZDNet3y
OWASP updates top 10 vulnerability ranking for first time since 2017
Security Logging and Monitoring Failures was previously last on the list but moved up one spot and has expanded to include other types of failures.
Ars Technica1y
Microsoft blamed for “a cascade of security failures” in Exchange ...
It cites "a cascade of security failures at Microsoft" and finds that "Microsoft's security culture was inadequate" and needs to adjust to a "new normal" of cloud provider targeting.