February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns
Similar Posts
Memo: Hamilton County data breach has gone unreported
Bys sJoan McClane reports: Hamilton County officials were notified more than 240 days ago about a data breach potentially compromising financial information for more than 14,000 people, according to an internal memo this month. According to the memo from the county attorney’s office, affected parties and the public were supposed to be notified within 60 days, but that…
Niva Bupa investigates alleged data leak after cyber threat
Bys sAman Shukla reports: Niva Bupa Health Insurance Company Ltd has recently informed exchanges that the company received an email from an anonymous sender claiming a potential customer data breach. The company is actively investigating the matter and implementing preventive measures to mitigate risks. … In the exchange filing, the company shared, “We have received communication(s)…
DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses
Bys sJust a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not…
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Bys sCybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX’s pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry. “The pipeline had a single boolean return value that meant both ‘no scanners are…
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Bys sGovernment, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America…
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Bys sVirtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed Now to infiltrate organizations’ VMware ESXi and vCenter environments as well as network appliances, Sygnia said in a new report published today. “The threat actor…