Exploiting Cloudflare's Gaps: Threat actors can bypass DDoS protection mechanisms by abusing trust relationships.
Details inside: https://thehackernews.com/2023/10/researcher-reveal-new-technique-to.html
New survey reveals alarming stats: 78% of cybersecurity teams faced API-related security incidents in the past year.
Find out how your peers are responding and why API security is a top priority.
Get insights: https://thehackernews.com/2023/10/api-security-trends-2023-have.html
Reduce your attack surface and enhance your organization's cybersecurity strategy with Security Configuration Assessment (SCA).
Explore its benefits, including vulnerability identification, compliance, and IT hygiene enhancement:
Read: https://thehackernews.com/2023/10/protecting-your-it-infrastructure-with.html
Worried about AI-related threats? Join our panel discussion with cybersecurity experts:
- David Primor, Founder & CEO of Cynomi
- Elad Schulman, Founder & CEO of Lasso Security
... and learn practical security policies and practices to shield your clients.
https://thehacker.news/ai-llm-threats?source=social
How vCISOs and MSSPs Can Protect their Clients from AI and LLM Related Risks
Join us to discover the tools and policies that can safeguard your business from the evolving threats of AI
Developers, listen up! Over 30 malicious npm packages discovered in the wild. They're after your sensitive data - SSH keys, Kubernetes configs, and more.
Find details here: https://thehackernews.com/2023/10/over-3-dozen-data-stealing-malicious.html
ShellTorch: Multiple vulnerabilities in TorchServe, used for serving PyTorch models, could lead to remote code execution attacks, potentially exposing sensitive data and compromising system security.
Learn more: https://thehackernews.com/2023/10/warning-pytorch-models-vulnerable-to.html
Urgent! Qualcomm releases security updates to patch 17 vulnerabilities, including 3 zero-days actively exploited.
Find details here: https://thehackernews.com/2023/10/qualcomm-releases-patch-for-3-new-zero.html
Watch out, developers! A rogue npm package, "node-hide-console-windows," was hiding a nasty surprise - the r77 rootkit.
This is the first-ever case of a package delivering a rootkit.
Read details: https://thehackernews.com/2023/10/rogue-npm-package-deploys-open-source.html
Is your organization struggling with SaaS security on a tight budget? Discover how Wing Security's $1,500/year tier could be the answer for mid-sized companies.
Read: https://thehackernews.com/2023/10/wing-disrupts-market-by-introducing.html
Microsoft warns of attackers attempting to exploit SQL instances to breach a cloud environment. The company shares details on the attack, highlighting the critical need to secure cloud identities.
Read: https://thehackernews.com/2023/10/microsoft-warns-of-cyber-attacks.html
New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges.
Learn how it affects major #Linux distributions: https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html
From DragonEgg to LightSpy - Discover the hidden links between Android and iOS spyware, exposing a sophisticated network of surveillance.
Learn more in this report: https://thehackernews.com/2023/10/researchers-link-dragonegg-android.html
Atlassian releases patch for a new zero-day vulnerability (CVE-2023-22515) in Confluence, risking admin account breaches on Data Center and Server instances.
Find details here: https://thehackernews.com/2023/10/atlassian-confluence-hit-by-newly.html
Update to the latest versions 8.3.3+, 8.4.3+, or 8.5.2 for a shield against potential exploits.
Attention iPhone and iPad users! Apple rushes in with iOS 17.0.3 and iPadOS 17.0.3 updates to patch an actively exploited kernel vulnerability.
Learn more about CVE-2023-42824: https://thehackernews.com/2023/10/apple-rolls-out-security-patches-for.html
Alert: CISA flags active exploits. Two recent vulnerabilities come under the scanner:
- CVE-2023-42793: TeamCity Auth Bypass
- CVE-2023-28229: Win CNG Flaw
Read details here: https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html
Act fast, secure your networks - patch by Oct 25!
Alert: A new Android banking trojan, named GoldDigger, has surfaced, targeting over 50 banking apps in the Asia-Pacific (APAC) and Spanish-speaking regions.
Learn more: https://thehackernews.com/2023/10/golddigger-android-trojan-targets.html
Researchers uncover "Operation Jacana," a targeted cyber espionage campaign using spear-phishing and DinodasRAT that breached a Guyana government entity.
Learn more: https://thehackernews.com/2023/10/guyana-governmental-entity-hit-by.html
It's time to revolutionize your data security strategy for the cloud era.
Dive into the groundbreaking realm of DSPM and decode the future of risk management in this exclusive webinar featuring Gartner and BigID. Sign up: https://thn.news/sGbfvuhX
Reimagining Enterprise Data Security & Compliance with Hybrid Cloud DSPM
As enterprises accelerate their shift to the cloud, there is a growing need for them to reimagine their data security and compliance strategy for the new cloud-first, hybrid environment. The cloud introduces new data risk considerations owing to the volume…
Urgent: Cisco releases patch for a critical vulnerability in Emergency Responder, allowing remote attackers to sign in using hard-coded credentials and execute commands as root.
Read: https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html