SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks
Post Content
Post Content
Related
Apache OFBiz Authentication Bypass
What is the vulnerability?There is an authentication bypass vulnerability in Apache OFBiz tracked under CVE-2023-51467 and CVE-2023-49070. Successful exploitation would let an attacker circumvent authentication processes, enabling them to remotely execute arbitrary code and access sensitive information. Apache OFBiz is an open-source business application suite for Enterprise Resource Planning (ERP) which integrates and automates many…
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute…
Signs Your Organization’s Culture Is Hurting Your Cybersecurity
High turnover, burnout, and blame-heavy environments do more than hurt morale. They also weaken security and put the organization at risk.
4 Chinese APTs Attack Taiwan’s Semiconductor Industry
Chinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan’s most important industrial sector.
ConnectWise to Rotate Code-Signing Certificates
The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.