Please turn on your JavaScript for this page to function normally.
Jenkins
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of …

Kubescape
ARMO adds MITRE ATT&CK framework to its open-source Kubernetes testing tool

ARMO released an expanded version Kubescape, an open-source testing tool for Kubernetes environments that is compliant with the standards set forth in the Kubernetes Hardening …

CloudBees enhances feature management capabilities within its software delivery platform

CloudBees announced new capabilities for feature management within its software delivery platform, including full visibility and control of feature flags throughout the …

Cequence Security API Sentinel 2.0 helps orgs strengthen their runtime API protections

Cequence Security announced the release of API Sentinel 2.0, adding powerful features that will help organizations strengthen their runtime API protections by “shielding …

BoxBoat reports momentum for BoxOps, its platform for DevSecOps managed services

BoxBoat announced that it is realizing significant managed services revenue growth driven by greater customer adoption of its BoxOps platform. This mirrors the growth that …

error
Updated cryptojacking worm steals AWS credentials

A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. What’s more, …

open source
2019 was a record year for OSS vulnerabilities

Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …

Jenkins
12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks

A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware …

Don't miss

Cybersecurity news