The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such ...
Dark Reading

'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed

Hackers are already leveraging these over-permissioned programs to access the IT systems of major security vendors.
WinBuzzer

Hackers Breach Fortune 500 Companies Exploiting Security Testing Apps

Cybersecurity researchers from Pentera have discovered 1,926 vulnerable security training applications exposed online, with ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...
CSO Online

Misconfigured demo environments are turning into cloud backdoors to the enterprise

Beyond this, Yaffe advised enterprises to “inventory everything” to establish a complete, up-to-date picture of all cloud ...