Blog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. “Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure,” the agency said. “This

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users…

Post Content

The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims’ data.

While Ukraine remains Russia’s major target for cyberattacks, TAG-110 is part of a strategy to preserve “a post-Soviet sphere of influence” by embedding itself in other countries’ infrastructures.

The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access for ransomware deployment.

Insurance experts weigh in how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as work toward improving risk assessment.

The mission is to gather information that could help Russia in its war against Ukraine.

The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider’s ties to the Russian cybercrime underground.