News

Once Benign Polyfill.io Code Now Exposes 100k+ Websites to Attack

June 26, 2024 | Over 100,000 websites using Polyfill JS are now vulnerable to malicious redirects to sports betting and pornography sites. Sansec researchers found that the popular open-source code, recently acquired by Funnull, generates malicious activities based on HTTP headers. This highlights the risks of relying on third-party open-source projects.

[Read the full article]

News

Threat Actors Exploit Zero Days Within 5 Days, Says Google’s Mandiant

Oct 17, 2024 | Google Mandiant’s analysis of 138 actively exploited vulnerabilities in 2023 reveals a concerning trend: 70% were zero-days, with threat actors

Read More ➜
News

Basic Cyber Hygiene Still Offers the Best Defense Against Ransomware

Oct 17, 2024 | The FBI’s takedown of the Dispossessor ransomware gang highlights a critical truth: simple cybersecurity measures, like strong passwords and mu

Read More ➜
News

Open-Source Entry Points Targeted for Supply Chain Compromise

Oct 15, 2024 | Threat actors are exploiting open-source environments like PyPI, npm, and Ruby Gems through command-jacking attacks.

Read More ➜