Tenable researchers found two security vulnerabilities in Microsoft’s Azure Health Bot platform that could allow unauthorized access to internal APIs and cross-tenant resources. Microsoft acted promptly on Tenable’s findings, applying mitigations to all affected services and eliminating the attack vector. These discoveries highlight the potential risks of AI-powered services and the need for strong web application and cloud security controls.
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
North Korean threat actors are using npm (Node Package Manager) ecosystem to publish malicious packages to deliver malware. The campaign aims to infiltrate developer systems,
