Security Week

Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines

Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines.

Phishers Add Chatbot to the Phishing Lure

Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. The phishers hope that this will help lower the attention of the target victim.

Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data

The new funding round was led by SoftBank Vision Fund 2, with participation from Impact Venture Capital, Octave Ventures, Applied Ventures, and existing investors. To date, the company has raised over $150 million.

Enterprise Data Protection Company Seclore Raises $27 Million

The new Series C investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security platform.

Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver

ShadowServer is conducting daily scans of the IPv4 space on ports 443 and 6443, looking for IP addresses that respond with an HTTP 200 OK status, which indicates that the request has succeeded.

The Vulnerable Maritime Supply Chain - a Threat to the Global Economy

The merchant maritime sector functions with vessels that have been operational for anything from a few years to a few decades. The older vessels have had new technology added to improve efficiency through digitization and automation.

Vulnerability in Tatsu Builder WordPress Plugin Exploited in Large-Scale Attack Campaign

Tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin.

New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses

The goal is to provide a forum for researchers and vendors to interact and share opinions and expertise in an effort to identify and classify vulnerabilities and common attack patterns that are specific to ICS and other OT.

Access Orchestration Firm Pathlock Announces Several M&As and $200M Funding

Pathlock on Tuesday announced mergers with ERP data security firm Appsian, and Security Weaver, a company that provides governance, risk, and compliance management (GRCM) software for SAP.

Pangea Lands $25 Million Investment for API Security Services

Pangea, the brainchild of serial entrepreneur Oliver Friedrichs, said the Series A funding round was led by Ballistic Ventures, a new investment firm focused exclusively on cybersecurity companies.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags