Cybersecurity is the most crucial curve in today’s rapidly evolving digital landscape, and all organizations of any size need to be at the forefront of it. With AI becoming mainstream, new emerging trends shape the cybersecurity industry daily.

Recently, Qualys identified a new remote unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems, nicknamed regreSSHion (CVE-2024-6387).

Cyber threats are getting more sophisticated and frequent. As a result, organizations are always looking for ways to outsmart cybercriminals. This is where artificial intelligence (AI) comes in handy. Artificial intelligence (AI) is transforming the cybersecurity landscape by offering faster, more precise, and more efficient means of identifying cyber threats.

Polyfill.js is a Javascript library that helps old browsers run new modern features which these old browsers do not support natively. The library is popular among developers for helping them offer consistent user experience regardless of the browser environment the user is using. In February 2024, a Chinese company bought the domain polyfill.io and the Github account associated with it. Since then, they’ve been serving malware via cdn.polyfill.io as pointed by the team at Sansec.

It’s an API talking to the API world we’re living in. As per Postman, 500 million new APIs are expected to be created by 2025. APIs are a lifesaver when it comes to automation or integration. But when it comes to the security of these APIs, things can get a little tricky. OWASP API Top 10 gives insights on top vulnerabilities exploited in APIs.

Sun Tzu once said, “If you know the enemy and know yourself, your victory will not stand in doubt.” Yet, despite global cybersecurity investment crossing $188 Billion and 93% of companies feeling cyber-secure, the data breaches in the US alone were up by 78% in 2023.

CVE-2024-3094 is a critical backdoor vulnerability found in the XZ Utils open-source library. The vulnerability was caused by a malicious code injected into the library by one of the maintainers. The vulnerability allows remote attackers to execute any desired code on systems with exposed SSH packages.

Privileged Access Management (PAM) is a comprehensive framework of policies, strategies, and technologies designed to regulate, oversee, and fortify access to critical resources for human and service accounts.