Researchers discovered a significant software supply chain vulnerability in a recently acquired subsidiary, earning a $50,500 bounty from a corporate bug bounty program. The ethical hackers exploited mismanaged Docker images containing proprietary code and exposed tokens, highlighting the risks of overlooked assets during acquisitions and the importance of securing software supply chains. The vulnerability demonstrated potential widespread impact on development and production environments.