Jan 20, 2023 | Podcast
Proof of concept exploits for critical vulnerabilities in three popular wordpress plugins have been made publicly available. The plugins are “Paid Memberships Pro’, ‘Easy Digital Downloads’ and ‘Survey Marker’. These plugins are...
Jan 19, 2023 | Podcast
CircleCI has released a new security incident report providing more information on the attack they suffered earlier this month. They first learned about the attack from a customer reporting that their GitHub token has being compromised. Internal investigations...
Jan 18, 2023 | Podcast
Malicious python packages designed to steal information from developers’ systems have been recently discovered by Fortinet. The packages were uploaded to the Python Package Index between January 7 and 12 this year by an author named lolipop. The names of the...
Jan 18, 2023 | Podcast
If you’re a developer then you need to make sure you have upgraded to the latest version of Git. Git just patched two critical severity security vulnerabilities that could allow attackers to perform remote code execution. The security vulnerabilities were...
Jan 17, 2023 | Podcast
Johannes Ullrich released a public service announcement today on why you must run an adblocker when using the internet. He claims that ad networks are not doing enough due diligence on the ads that they run on their networks. He provided examples of Google search...
Jan 16, 2023 | Podcast
NortonLifeLock sent data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. The company observed unusually high volumes of fail login attempts in December with...
