Aggregator
SecWiki News 2024-12-04 Review
更多最新文章,请访问SecWiki
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog
酒业巨头申请破产原因:勒索攻击致企业无法正常运转
Black Basta
CVE-2020-11022 | Oracle Financial Services Regulatory Reporting for De Nederlandsche Bank User Interface cross site scripting (EDB-49766 / Nessus ID 209233)
Black Basta
Solana’s popular web3.js library backdoored in supply chain compromise
A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player supply chain compromise, this attack was reportedly made possible due to compromised (phished) npm.js account credentials. What happened? “Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana [decentralized apps]. This allowed an attacker to publish unauthorized and malicious packages … More →
The post Solana’s popular web3.js library backdoored in supply chain compromise appeared first on Help Net Security.
How CSPs are Adapting to the Threat Landscape and Meeting new Cybersecurity Challenges
The year 2024 is one of continual evolution for communication service providers (CSPs) and the cybersecurity landscape.
The post How CSPs are Adapting to the Threat Landscape and Meeting new Cybersecurity Challenges appeared first on Security Boulevard.