Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Mar 19, 2025 | Ravie Lakshmanan | Threat Intelligence / Cryptojacking
Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that …
Securing XIoT in the Era of Convergence and Zero Trust
The rise of connected devices has fundamentally reshaped industries, enabling unprecedented levels of automation, efficiency, and innovation. These devices fall under the Extended Internet of Things (XIoT), a broad category encompassing traditional Internet of Things (IoT) devices, operational technology (OT), industrial control systems (ICS), the Internet of Medical Things …
Elasticsearch in the aviation industry: A game-changer for data management
Digital customer experience is no longer a luxury but a necessity for European airlines. It drives customer satisfaction, enhances operational efficiency, and creates a sustainable competitive advantage. As the industry continues to evolve, airlines that prioritise investment in cutting-edge digital technologies and platforms will be better positioned to thrive in a dynamic and …
Redefining Security Management in a Hyperconnected World
In today’s rapidly transforming world, Cisco is redefining security and its management. With the recent launch of the most advanced Hybrid Mesh Firewall and Universal Zero Trust Network Access (ZTNA) solutions, both managed under Security Cloud Control, we’re introducing a new way for you to interact, set policies, and troubleshoot. Security Cloud Control serves as a central …
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Mar 18, 2025 | Ravie Lakshmanan | AI Security / Software Security
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. "This technique enables hackers to silently compromise AI-generated code …
Supply chain attack via GitHub Action
Attacks on open-source mostly start with publishing new malicious packages in repositories. But the attack that occurred on March 14 is in a different league — attackers compromised the popular GitHub Action tj-actions/changed-files, which is used in more than 23,000 repositories. The incident was assigned CVE-2025-30066. All repositories that used the infected changed-files …
Falcon Cloud Security Identifies AI-Driven Packages in Container Images
Artificial intelligence (AI) is rapidly transforming industries, but with this innovation come new security challenges as threat actors explore AI’s powerful capabilities. They’re adopting new techniques, targeting AI models, injecting malicious code into AI processes, and exploiting vulnerabilities in AI-related software packages. Malicious AI-related software packages …
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
Mar 17, 2025 | Ravie Lakshmanan | Vulnerability / Web Security
A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions - Apache Tomcat 11.0.0-M1 to 11.0.2 Apache …
Understanding data mesh in public sector: Pillars, architecture, and examples
Think about all the data behind projects like defense intelligence, public health records, urban planning models, and more. Government agencies are generating enormous quantities of data all the time. Things get even more tricky when the data is spread across cloud platforms, on-prem systems, or specialized environments like satellites and emergency response centers. It’s hard …
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025 | Ravie Lakshmanan | Malware / Supply Chain Security
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm …