Security Bulletin

The company is urging users running vulnerable versions to patch CVE-2024-5655 immediately, to avoid CI/CD malfeasance.

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.

Proges Plug&Track Sensor Net Connect and Thermoscan IP bugs can lead to privilege escalation or DoS.

TeamViewer says the breach was tied to its internal corporate IT network and has not impacted its product environment.

Despite more than 50% of all open source code being written in memory-unsafe languages like C++, we are unlikely to see a massive overhaul to codebases anytime soon.

Though the Chicago-area hospital did not pay a ransom, a host of sensitive medical information is now at risk.

The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansas-based bank, Evolve.

Increasingly prevalent cybersecurity threats were noted by U.S. businesses to be accompanied by mounting difficulties in securing cyberinsurance policies during a hearing before the House Homeland Security Committee's Cybersecurity and Infrastructure...

Most severe of the addressed flaws is a critical bug in GitLab CE/EE versions newer than 15.8, 17.0, and 17.1, tracked as CVE-2024-5655, which could be leveraged to facilitate automated execution of a pipeline upon the automated re-targeting of a...

Both authenticated and unauthenticated users could leverage the vulnerability, which affects FileCatalyst Workflow versions 5.1.6 Build 135 and earlier.