Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it … Read more
Feb 01, 2025Ravie LakshmananVulnerability / Zero-Day BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to … Read more
AI-enhanced cyberattacks are the No. 1 concern for application programming interface (API) defenders, according to a survey by Kong published Tuesday. The survey of 700 IT leaders found that 32% of respondents ranked AI-enhanced attacks as the biggest API security threat to their organization, more than unauthorized access or breaches at 26% and insufficient encryption … Read more
Elon Musk’s X appears to be adding yet another fee for third party apps, according to an affected app developer. After acquiring then-Twitter, Musk made big sweeping changes to the platform’s API, which allows third-party developers to integrate X into their platforms. The biggest change? Charging thousands of dollars just to access X’s API, which … Read more
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration features for command-and-control (C2) purposes,” Datadog researchers Matt Muir and Andy Giron said in an … Read more
