Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.
Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.
Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security Bugs in the biometric protections on Android phones and iPhones allow the limit on the number of tries to unlock the devices with a fingerprint can be bypassed, allowing automated brute-force attacks.
Where SBOMs Stand Today It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.
Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.
Jetpack WordPress Plug-in API Bug Triggers Mass Updates An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 — and it affects millions of websites.
