The threat group behind the notorious Mini Shai-Hulud worm last month put the complete source code for the malware into a GitHub repository, essentially open sourcing the threat so that other bad actors can create their own variants. GitHub reportedly took down the repository shortly after it appeared, but the damage was already done, with […]
Massive VS Code Secrets Leak Puts Focus on Extensions, AI: Wiz
Researchers with cybersecurity firm Wiz earlier this year discovered, almost by chance, a significant supply chain risk and massive secrets leak in the Visual Studio Code and OpenVSX marketplaces that they said put a focus on the ongoing security issues presented by extensions and plugins. In their months-long investigation with Microsoft, the researchers found that […]
Report Affirms Continued AWS Cloud Dominance
A report published this week by Wiz, a provider of a cloud security platform, found more than half of organizations (57%) are using multiple clouds, with 22% currently using three or more platforms. However, the report also noted that 72% of all workloads are running on the Amazon Web Services (AWS) cloud. Among organizations that […]