The Hacker News

Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes

Live briefing shows how attackers exploit AWS identity errors, AI model masking, and Kubernetes privileges—and how teams can ...
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.
Computer Weekly

AWS launches Kiro IDE for real agentic development at scale

AWS used its re: Invent conference to announce Kiro, an AI IDE that helps software engineers move from concept to production through a simplified developer experience for working with AI agents. Kiro ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...

Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say

Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers' ...
NPR

Code Switch

What's CODE SWITCH? It's the fearless conversations about race that you've been waiting for. Hosted by journalists of color, our podcast tackles the subject of race with empathy and humor. We explore ...
Cloud Security Alliance

Killing Standing Privileges: Why Just-in-Time Access is the Future of PAM

Privileged Access Management (PAM) needs to modernize. Learn how to move from always-on admin rights to Zero Standing ...
Cloud Security Alliance

How to Build AI Prompt Guardrails: An In-Depth Guide for Securing Enterprise GenAI

A practical guide to building AI prompt guardrails, with DLP, data labeling, online tokenization, and governance for secure ...