Steadybit was founded in 2019 and has now raised a total of $13.8 million in funding. The post Software Reliability Firm Steadybit Raises $6 Million appeared first on SecurityWeek. Original link(Originally posted by Kevin Townsend)

Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS. The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. Original link(Originally posted by Eduard Kovacs)

A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites. The post Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

Cyber Insights 2024 talks to hundreds of industry experts from dozens of companies covering seven primary topics. The post SecurityWeek Cyber Insights 2024 Series appeared first on SecurityWeek. Original link(Originally posted by Kevin Townsend)

Critical-severity vulnerability could allow network attackers to access QNAP NAS devices without authentication. The post Critical Vulnerability Allows Access to QNAP NAS Devices appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

150,000 systems possibly impacted by the recent Fortinet vulnerability ​​CVE-2024-21762, but there is still no evidence of widespread exploitation.  The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared first on SecurityWeek. Original link(Originally posted by Eduard Kovacs)

The financially motivated threat actor Magnet Goblin is targeting one-day vulnerabilities to deploy Nerbian malware on Linux systems. The post Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

The CloudGrappler open source tool can detect the presence of known threat actors in cloud environments. The post New Open Source Tool Hunts for APT Activity in the Cloud appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails. The post Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails appeared first on SecurityWeek. Original link(Originally posted by Ryan Naraine)

Concluding a two-day OSS security summit, CISA details key actions to help improve open source security. The post CISA Outlines Efforts to Secure Open Source Software appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)