SecurityWeek

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

Over 1,800 developers were affected by the Mini Shai-Hulud supply chain attack that hit the PyPi, NPM, and PHP ecosystems ...

One tool call to rule them all? New open source Python tool RunPod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
SecurityWeek

Splunk, Zoom Patch Severe Vulnerabilities

Splunk and Zoom this week announced security updates that resolve multiple critical- and high-severity vulnerabilities across their product portfolios. Zoom has addressed a critical-severity flaw in ...
SDxCentral

AWS bolsters cloud security with Splunk, Zscaler, and more

Amazon Web Services (AWS) staked out a play for the enterprise cybersecurity stack with the release of an all-in-one cloud security platform. AWS Security Hub Extended broadens the hyperscaler’s ...
GitHub

soc-automation-splunk-bruteforce-lab

This project simulates an SMB brute-force attack against a Windows host in an isolated lab environment. Logs were ingested into Splunk, analyzed using custom SPL logic, and automated case ...
Business Insider

OpenAI is generating over $1 billion from something that has nothing to do with ChatGPT

OpenAI has made more than $1 billion from something other than ChatGPT. That revenue comes "just from our API business," Sam Altman said. His comments come as OpenAI looks beyond model subscriptions ...