Latest articles by Solomon Klappholz
Abandoned S3 buckets could have caused a supply chain catastrophe
News Researchers think they just uncovered what could’ve caused the mother of all supply chain attacks.
Why LinkedIn has become a prime hunting ground for cyber criminals
News Cyber criminals are flocking to LinkedIn to conduct social engineering campaigns, research shows.
Agentic AI could be a blessing and a curse for cybersecurity
News Agentic AI systems could become a key weapon in the cybercriminal arsenal as the technology matures, according to research from Malwarebytes.
Why the CrowdStrike outage was a wakeup call for developer teams
News The CrowdStrike outage in 2024 has prompted wholesale changes to software testing and development lifecycle practices, according to new research.
New phishing campaign exploits Microsoft’s legacy ADFS identity solution
News Researchers at Abnormal Security have warned of a new phishing campaign targeting Microsoft's Active Directory Federation Services (ADFS) secure access system.
Magic links should be the default password replacement
Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
Security experts raise alarm over 'critical safety flaws' in DeepSeek R1 model
News DeepSeek's R1 AI model is vulnerable to a wide range of jailbreaking techniques.
Tata Technologies hit by ransomware attack
News A ransomware attack forced the technology provider to shut down several IT services
Oracle Java pricing concerns could spark a developer exodus
News Oracle Java users have raised concerns over pricing, with many considering switching to open source options.
Microsoft targets enterprises with new Intel-powered Surface devices
News Microsoft has unveiled the launch of the new Surface Pro 11 and Surface 7 laptop devices with Intel chips.
Pure Storage's recent hyperscaler ‘design win’ could be the death knell for disk storage
News Disk storage’s ubiquity in the enterprise market could be coming to an end
Mark Zuckerberg says AI will be doing the work of mid-level engineers this year
News The Meta founder thinks 2025 will herald a profound shift in the software engineering profession
FCC orders telcos to sharpen up security after Salt Typhoon chaos
News The move follows a devastating attack on US telecoms infrastructure
A CSO’s perspective on DORA compliance and where to go from here
Analysis With DORA coming into force, here’s what security leaders should know about pain points and planning
Shadow AI is creeping its way into software development
News Enterprises need to create smart AI usage policies that balance the benefits and risks
Microsoft files suit against threat actors abusing AI services
News Cyber criminals are accused of using stolen credentials for an illegal hacking as a service operation
US authorities just purged malware from thousands of devices across the world
News After taking control of the PlugX malware’s command-and-control server, the coalition were able to trigger a self-delete mechanism to remove the malicious program
CISOs are working harder than ever, but their pay isn’t keeping pace
News Many CISOs are being asked to take on more responsibility for domains that would normally lie outside of their remit
Hackers are turning S3 buckets against customers
News Attackers are using AWS’ server-side encryption to conduct ransomware attacks
Nvidia's new 'Project Digits' mini PC is an AI developer's dream
News Nvidia unveiled the launch of a new mini PC, dubbed 'Project Digits', aimed specifically at AI developers during CES 2025.
Phishing campaign targets developers with fake CrowdStrike job offers
News Victims are drawn in with the promise of an interview for a junior developer role at CrowdStrike
A critical Ivanti flaw is being exploited in the wild – here’s what you need to know
News Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances
UK cyber experts on red alert after Salt Typhoon attacks on US telcos
Analysis The UK could be next in a spate of state-sponsored attacks on telecoms infrastructure
