How software development’s speed obsession enabled TeamPCP’s chaos crusade
The threat group’s remarkable success targeting open-source software was inevitable and fueled by the industry’s decision to prioritize code shipping over security.
Advertisement
Wiz
Wiz’s Ryan Kazanciyan on navigating cloud complexity and cyber risk
Ryan Kazanciyan | CIO & CISO | Wiz
MongoBleed defect swirls, stamping out hope of year-end respite
The high-severity vulnerability is under active exploitation and affects many versions of MongoDB, a nearly ubiquitous open-source database.
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly.
Attackers hit React defect as researchers quibble over proof
A debate over actual exploitation is muddying response efforts. Multiple researchers say they’ve observed working proof of concepts while others assert evidence of attacks is lacking.
Developers scramble as critical React flaw threatens major apps
The open-source code library is one of the most extensively used application frameworks. Wiz found vulnerable versions in around 39% of cloud environments.
Advertisement
Shai-Hulud worm returns stronger and more automated than ever before
Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours.
AI can help defenders stop nation-state threat actors at machine speed
Cyber defenders say AI technologies are quickly evolving to help stop sophisticated threat groups, including Chinese adversaries, from embedding themselves inside target organizations.
Google acquires Wiz for $32 billion
Wiz co-founder Asaaf Rappaport said the company will remain focused on protecting a wide range of cloud services.
Wiz’s Bryan Rosensteel on breaking down zero-trust silos in government
Bryan Rosensteel | Head of Public Sector Product Marketing | Wiz