Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The maintainers have already released an update fixing the issue. Versions before 0.7.5 are affected and thus vulnerable to Prototype Pollution. We strongly recommend that impacted users upgrade to the newer version that includes the fixes, i.e., version 0.7.5 and above.We have found a new Prototype Pollution vulnerability in the JavaScript package tree-kit in all versions before 0.7.5. The maintainer of tree-kit has released an update that fixed the issue on 21 July 2023.

KuppingerCole has named Kroll as an Overall Leader in its latest analysis of the Managed Detection & Response services market. The KuppingerCole Leadership Compass provides an overview of the market for managed detection and response (MDR) services that manage a collection of cybersecurity technologies to provide advanced cyber threat detection and response capabilities, including Security Operations Center as a Service (SOCaaS) offerings.

BSides Las Vegas 2023 united security experts and devs. Highlights include PasswordsCon, medical device security, MFA challenges, and CISA's role in cybersecurity.

After shutting down a ‘phishing-as-a-service’ operation that impacted thousands of victims in 43 countries, INTERPOL recently noted, “Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.” Business email compromise (BEC), a type of malware-less attack that tricks recipients into transferring funds — for example — has cost victims worldwide more than $50 billion, according to the FBI.