Aggregator

Исполняемые файлы и сертификаты открыли доступ к закрытым данным госструктур и частных компаний.

Submit #617657 / VDB-320516

AI is no longer on the horizon, it’s already transforming how organizations operate. In just a few years, we’ve gone from isolated pilots to enterprise-wide adoption. According to a recent SailPoint survey, 82% of companies are running AI agents today, often across multiple business functions. These agents aren’t just passive tools; they’re autonomous systems that act, decide, and adapt at remarkable speed and scale. These systems now handle responsibilities once reserved for skilled human oversight, … More →

The post As AI grows smarter, your identity security must too appeared first on Help Net Security.

A vulnerability described as problematic has been identified in Verkehrsauskunft Österreich SmartRide, cleVVVer and BusBahnBim up to 12.1.1(258). The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components. This vulnerability is cataloged as CVE-2025-9135. The attack must be initiated from a local position. Furthermore, there is an exploit available. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. This vulnerability is listed as CVE-2025-9134. The attack must be carried out locally. In addition, an exploit is available. The vendor was contacted early about this disclosure and replied: "After reviewing your report, we have confirmed that this vulnerability does indeed exist and we are actively working to fix it."

Submit #628235 / VDB-320515

Submit #615278 / VDB-320515

A vulnerability marked as problematic has been reported in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. This vulnerability is listed as CVE-2025-9134. The attack must be carried out locally. In addition, an exploit is available. The vendor was contacted early about this disclosure and replied: "After reviewing your report, we have confirmed that this vulnerability does indeed exist and we are actively working to fix it."

Submit #615276 / VDB-320515

Submit #615253 / VDB-320514

A vulnerability labeled as critical has been found in Piciorgros TMO-100 up to 4.19. Impacted is an unknown function of the component TFTP Service. Executing manipulation can lead to missing authentication. This vulnerability is tracked as CVE-2025-29617. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting Microsoft Help Index Files (.mshi) to deliver the notorious PipeMagic backdoor, marking a significant evolution in the threat actors’ tactics since the malware’s first detection in 2022. The campaign, which has targeted organizations across Saudi Arabia and Brazil throughout 2025, demonstrates the attackers’ continued refinement of […]

The post Threat Actors Abuse Microsoft Help Index File to Execute PipeMagic Malware appeared first on Cyber Security News.

Cooking with Code: A DevOps Kitchen Secured by Thales
madhav
Tue, 08/19/2025 - 05:13

In today’s hyperconnected digital world, deploying applications is a lot like running a high-performance, Michelin-star kitchen. You need the right setup, a disciplined process, and seamless coordination, where every tool, role, and task moves in harmony, executed flawlessly. Speed and precision are essential, but without tight security, your secret sauce is at risk.

Let’s step into the kitchen and see how DevOps tools work together like a world-class culinary team, with Thales ensuring everything stays safe from prep to plating.

Jenkins Gets Cooking: The Head Chef

At the heart of this kitchen is Jenkins, the head chef. Jenkins runs the show, deciding what’s cooking, when to start, and who handles what, and when service begins.

In DevOps, Jenkins automates CI/CD pipelines, triggering builds, tests, and deployments with military precision. Think of it like a chef shouting:

“Grill the steak! Plate the salad!”

Without Jenkins coordinating, the kitchen would fall into chaos.

Terraform Builds the Kitchen: The Architect

Before the first dish can be cooked, the kitchen needs to be built with counters, stoves, and appliances all in place. That’s where Terraform, the kitchen architect, steps in. It provisions cloud infrastructure as code, building consistent environments on demand.

Think of Terraform as drawing the blueprint and stocking the shelves exactly the same way every time, ensuring your infrastructure is repeatable, reliable, and ready to scale.

Ansible Preps the Line: The Sous Chef

Now it’s time to get the ingredients ready. That’s Ansible, the sous chef.

Ansible configures servers, applies security patches, and installs packages to ensure the applications can run smoothly. It’s the tool that warms the pans and organizes the stations, making sure every component of your application is ready to cook on command.

Kafka Delivers Orders: The Waiter

A high-speed kitchen thrives on timing. Enter Kafka, your restaurant's order management system, keeping all stations in sync, passing tickets from the front to the grill and dessert bar.

Kafka delivers real-time data between microservices, making sure that every dish is fired and plated at just the right moment. No overcooked steaks, no cold desserts.

In DevOps, Kafka ensures reliable delivery and sequencing of messages, keeping your distributed systems in perfect sync.

Thales Locks the Pantry: The Security Team

Speed is good. But what happens if someone sneaks into the pantry and steals your top-secret marinade?

That’s where Thales comes in, as the guardians of your kitchen, adding enterprise-grade data security and governance to your DevOps kitchen. They lock down your sensitive data, monitor access, and control who touches what and when.

CipherTrust Protects the Secret Sauce

Your sensitive data and keys (credentials, API secrets, and customer data) are your most precious ingredients.

CipherTrust secures data-at-rest encryption, tokenization, and key lifecycle management. Integrated with Terraform and Ansible, it ensures your secrets stay sealed in a secured digital pantry.

CCKM Controls the Keys to the Kitchen

Need to restrict which chefs have access to specific ingredients?

CipherTrust Cloud Key Management (CCKM) gives you cloud-native key control across AWS, Azure, and GCP. It enforces least privilege access and helps you implement Zero Trust across your infrastructure. It offers CMEK with centralized visibility and control.

SafeNet Trusted Access Guards the Line

Not every cook should access to the Head Chef (Jenkins) or be able to modify recipes.

SafeNet Trusted Access enforces MFA and SSO, tracks identity behavior, and restricts access based on role. It’s the digital gatekeeper that scopes access to pipelines, cloud vaults, and infrastructure and tracks identity behavior across DevOps flows

Data Security Fabric Improves your Posture

A locked pantry is good, but so is surveillance.

Thales Data Security Fabric (DSF) is like CCTV for your digital pantry — makes you ever vigilant constantly watching who accessed what, when, and why. It provides real-time visibility into sensitive data access across databases, data lakes, and cloud services, while detecting risky or anomalous activity before it becomes a threat.

Paired with Data Activity Monitoring (DAM), it provides full forensic traceability, like an efficient sous chef logging every spice used and every drawer opened. DAM alerts on anomalies, investigates misuse and provides audit-ready trails for MAS, GDPR, PCI DSS.

WAF Keeps the Kitchen Door Secure

Finally, there’s Imperva WAF, the bouncer at your kitchen door.

It blocks malicious actors, bad bots, and injection attempts before they ever touch your APIs or applications from OWASP Top 10 attacks. It filters out bad bots, injection attempts, and zero-day exploit. Integrated with Thales monitoring, WAF ensures full-stack visibility, without slowing down service.

Putting It All Together

Running DevOps today is like managing a high-end kitchen. But even if your team moves fast and works in harmony, without proper security, it’s like letting anyone raid your walk-in fridge during peak service.

With Thales, you get secure pipelines, compliant data practices, and peace of mind in the age of GenAI and multicloud.

We secure it from the inside out, from secrets and keys to access and analytics, every part of your infrastructure stays safe, monitored, and audit-ready.

So, next time someone asks you how DevOps and security go hand in hand, just tell them:

“It’s like running a Michelin-star kitchen — with Thales guarding the recipes, tracking every ingredient, and ensuring every dish meets the highest standard.”

Data Security

Shaun Chen | AVP - Sales Engineering, APAC
More About This Author > Schema {
"@context": "https://schema.org",
"@type": "BlogPosting",
"mainEntityOfPage": {
"@type": "WebPage",
"@id": "https://cpl.thalesgroup.com/blog/data-security/cooking-with-code-devops-kitchen-thales"
},
"headline": "Cooking with Code: A DevOps Kitchen Secured by Thales",
"description": "Explore how Thales secures DevOps pipelines like a Michelin-star kitchen—protecting secrets, keys, and access while ensuring compliance and Zero Trust.",
"image": "",
"author": {
"@type": "Person",
"name": "Shaun Chen",
"url": "https://cpl.thalesgroup.com/blog/author/schen"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"sameAs": [
"https://www.twitter.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"datePublished": "2025-08-19",
"dateModified": "2025-08-19"
}

basic

The post Cooking with Code: A DevOps Kitchen Secured by Thales appeared first on Security Boulevard.

A vulnerability identified as problematic has been detected in Contact Manager Plugin up to 8.6.5 on WordPress. This issue affects some unknown processing. Performing manipulation of the argument Title results in cross site scripting. This vulnerability is identified as CVE-2025-8783. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in Thim Core Plugin up to 2.3.3 on WordPress. This vulnerability affects unknown code. Such manipulation leads to cross-site request forgery. This vulnerability is referenced as CVE-2025-53344. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Thim Core Plugin up to 2.3.3 on WordPress. It has been rated as critical. This affects an unknown part. This manipulation causes missing authorization. The identification of this vulnerability is CVE-2025-53346. It is possible to initiate the attack remotely. There is no exploit available.

Cybersecurity myths are like digital weeds: pull one out, and another quickly sprouts in its place. You’ve probably heard them before: Macs don’t get viruses, we’re too small to be a target, or changing passwords often keeps us safer. Experts have been busting these myths for years, yet they still stick around and shape bad strategies while giving people a false sense of security. Myth 1: AI can replace your security team No matter how … More →

The post The cybersecurity myths companies can’t seem to shake appeared first on Help Net Security.

A CVSS score 4.3 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'shandikri' was reported to the affected vendor on: 2025-08-19, 6 days ago. The vendor is given until 2025-12-17 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Now supporting hybrid environments, Vision 3.0 introduces “Who Clicked” to track and identify
user engagement with phishing emails for faster, more targeted response

The post Cofense Unveils Vision 3.0 with Sub-Minute Threat Containment Capabilities and Deeper Insights appeared first on Security Boulevard.

A vulnerability was found in Red Hat Developer Hub. It has been declared as problematic. Affected by this issue is some unknown functionality of the component rhdh-hub-rhel9. The manipulation results in incorrect privilege assignment. This vulnerability was named CVE-2025-5417. The attack needs to be approached within the local network. There is no available exploit.