Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...
winbuzzer.com

OpenAI Details Codex Windows Sandbox Controls

OpenAI has published a technical explanation of its Windows sandbox for Codex, detailing a stricter local setup for the coding agent on developer PCs. Codex can still read broadly across a system, ...

Hackers bypass SonicWall VPN MFA due to incomplete patching

Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN ...
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Security Systems News

Sola Security raises $35M Series A funding round

TEL AVIV, Israel — Sola Security, the Cybersecurity AI assistant, announced that it has raised a $35 million Series A round led by existing investor S32 and joined by M12, Microsoft’s Venture Fund, ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...