supply chain attacks
Malicious ML models found on Hugging Face Hub
Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. …
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32
I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security …
Key metrics for monitoring and improving ZTNA implementations
In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, …
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …
XZ Utils backdoor update: Which Linux distros are affected and what can you do?
UPDATE: April 9, 09:23 AM ET A new story has been published: XZ Utils backdoor: Detection tools, scripts, rules The news that XZ Utils, a compression utility present in most …
Outsmarting cybercriminal innovation with strategies for enterprise resilience
In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center at Nokia, discusses emerging cybersecurity trends for 2024 and advises enterprises on …
Ransomware recap 2023 highlights cybersecurity crisis
In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment’s development, effects, and emerging patterns throughout the previous …
Cybercriminals embrace smarter strategies, less effort
2024 is shaping up to be a record-breaking year for data breaches, according to Experian. Despite 2023 being labeled as a ‘successful’ year for malicious actors, …
Software supply chain attacks are getting easier
ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an …
Public exposure of data breaches is becoming inevitable
Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of …
Cyberattacks on healthcare organizations affect patient care
88% of organizations experienced an average of 40 attacks in the past 12 months, according to a survey conducted by the Proofpoint and Ponemon Institute. Supply chain attacks: …
Rising OT/ICS cybersecurity incidents reveal alarming trend
60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility