Content Paint
Search
Sign in
Membership

cybersecurity

Security  | Oct 25, 2022
A mystery threat actor is running an "abnormally" large freejacking campaign that taps GitHub, Heroku to mine crypto
A mystery threat actor is running an "abnormally" large freejacking campaign that taps GitHub, Heroku to mine crypto

Security researchers at Sysdig say that they have identified a previously unreported threat actor “using some of the largest cloud and continuous integration and deployment (CI/CD) service providers” in a massive “freejacking” campaign that makes use of trial accounts’ free compute to power cryptomining campaigns. Dubbing it PURPLEURCHIN, Sysdig

Security  | Oct 24, 2022
GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite
GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite

POCs have circulated for years...

Security  | Oct 20, 2022
Microsoft data breach "BlueBleed" exposes 2.4TB of customer data
Microsoft data breach "BlueBleed" exposes 2.4TB of customer data

Customers being told GDPR disclosure unnecessary

Open Source  | Oct 18, 2022
3 trillion open source downloads, a 633% rise in malicious activity -- and a worrying sense of security
3 trillion open source downloads, a 633% rise in malicious activity -- and a worrying sense of security

IT managers say their orgs are better prepared - infosec pros are less confident...

Identity  | Oct 18, 2022
FIDO2 is touted as a security panacea: Why isn't it everywhere?
FIDO2 is touted as a security panacea: Why isn't it everywhere?

FIDO2 makes the user initiate all authentication attempts.

Security  | Oct 17, 2022
Windows fails to update vulnerable driver blocklist for THREE YEARS
Windows fails to update vulnerable driver blocklist for THREE YEARS

MS now says the blocklist will only be updated alongside major Windows releases.

Security  | Oct 14, 2022
CISOs, unis, investors turn to richer metrics as security training evolves
CISOs, unis, investors turn to richer metrics as security training evolves

SA&T is evolving fast. It needs to...

Security  | Oct 13, 2022
Advanced confirms attack was LockBit 3.0 ransomware, legitimate creds used
Advanced confirms attack was LockBit 3.0 ransomware, legitimate creds used

No insight into how credentials were obtained...

Security  | Oct 12, 2022
This Azure bug is a perfect CVSS 10, gives you control over K8s clusters
This Azure bug is a perfect CVSS 10, gives you control over K8s clusters

A critical vulnerability in an Azure tool that lets users manage Kubernetes clusters can be exploited remotely without authentication to gain administrative control over Kubernetes clusters, as well as Azure edge devices. The vulnerability, allocated a maximum possible CVSS (severity rating) score of 10 has been allocated CVE-2022-37968. It is

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.