Woodpecker: Red Teaming for AI, Kubernetes, and API Security Testing
A new open-source security tool called Woodpecker has emerged as a specialized solution for red teaming artificial intelligence and cloud applications.Developed by OperantAI,...
Docker Zombie Malware Spreads Through Containers to Mine Cryptocurrency and Self-Replicate
A sophisticated malware campaign targeting Docker container environments has been detected, leveraging insecurely exposed Docker APIs to launch a rapidly spreading “zombie” outbreak within...
Cybercriminals Exploit TikTok and Instagram APIs to Validate Compromised Accounts
Cybersecurity researchers have uncovered a wave of malicious software packages on the Python Package Index (PyPI) designed to systematically exploit TikTok and Instagram APIs...
New Supply Chain Attack Targets Widely Used npm Package with 45,000 Weekly Downloads
A major supply chain compromise has been discovered in the npm package rand-user-agent, a library with over 45,000 weekly downloads, commonly used to generate...
OAuth Misconfiguration Enables Researchers to Access Sensitive Data Without Restrictions
A recent bug bounty engagement has brought to light a critical OAuth2 misconfiguration that allowed independent security researchers to access sensitive organizational and personally...
