Application securityNearly 6M WordPress sites may be affected by bugs in 3 plug-insSteve ZurierMay 31, 2024Fastly says the bugs are prone to unauthenticated XXS attacks that let threat actors inject malicious scrips via WordPress plug-ins.
Cloud SecurityAI-generated code top cloud security concern amid 100% use rate in surveyLaura FrenchMay 16, 2024GenAI, API and identity risks are key concerns, as well as conflicts between DevOps and SecOps.
Cloud SecurityAttackers evade detection by leveraging Microsoft Graph APISteve ZurierMay 3, 2024Microsoft Graph API has become popular with hackers because running criminal ops on widely used cloud services raises less suspicion.
Cloud SecurityAttackers steal API keys, OAuth tokens, in Dropbox Sign breachSteve ZurierMay 2, 2024Security pros see the Dropbox Sign breach as not just a blow to Dropbox, but a really bad day for electronic signatures.
API securityTen years of Heartbleed: Lessons learnedDan RaywoodApril 29, 2024A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
Network SecurityDelinea patches API vulnerability in Secret Server CloudSteve ZurierApril 15, 2024If left unpatched, the API flaw could let attackers bypass authentication, gain admin access, and steal company secrets.
Cloud SecurityCall for 2024 SC Awards nominationsTom Spring March 26, 2024Starting now we officially welcome you to nominate your top products, solutions and standout individuals.
