Tag: security incident
-
The Register: No login? No problem: Cisco ISE flaw gave root access before fix arrived, say researchers
Source URL: https://www.theregister.com/2025/07/24/no_login_no_problem_cisco_flaw/ Source: The Register Title: No login? No problem: Cisco ISE flaw gave root access before fix arrived, say researchers Feedly Summary: Shadowserver claims miscreants were already poking at a critical hole in early July, long before Switchzilla patched it Threat actors have actively exploited a newly patched vulnerability in Cisco’s Identity Services…
-
The Register: Compromised Amazon Q extension told AI to delete everything – and it shipped
Source URL: https://www.theregister.com/2025/07/24/amazon_q_ai_prompt/ Source: The Register Title: Compromised Amazon Q extension told AI to delete everything – and it shipped Feedly Summary: Malicious actor reportedly sought to expose AWS ‘security theater’ The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user’s home directory and…
-
CSA: How GenAI Is Reshaping GRC
Source URL: https://www.scrut.io/post/genai-is-reshaping-grc Source: CSA Title: How GenAI Is Reshaping GRC Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses significant changes in cybersecurity regulation, particularly the U.S. SEC’s proposed updates to cybersecurity disclosure requirements for public companies. It emphasizes the evolution of Governance, Risk, and Compliance (GRC), highlighting a shift from traditional…
-
The Register: Not pretty, not Windows-only: npm phishing attack laces popular packages with malware
Source URL: https://www.theregister.com/2025/07/24/not_pretty_not_windowsonly_npm/ Source: The Register Title: Not pretty, not Windows-only: npm phishing attack laces popular packages with malware Feedly Summary: The “is" package was infected with cross-platform malware after a scam targeting maintainers The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the…
-
The Register: Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks
Source URL: https://www.theregister.com/2025/07/23/microsoft_sharepoint_400_orgs/ Source: The Register Title: Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks Feedly Summary: US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday, even before Redmond…
-
Microsoft Security Blog: Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI
Source URL: https://www.microsoft.com/en-us/security/blog/2025/07/22/microsoft-sentinel-data-lake-unify-signals-cut-costs-and-power-agentic-ai/ Source: Microsoft Security Blog Title: Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI Feedly Summary: We’re evolving our industry-leading Security Incidents and Event Management solution (SIEM), Microsoft Sentinel, to include a modern, cost-effective data lake. By unifying all your security data, Microsoft Sentinel data lake, in public preview,…