Welcome to another Lunch Time breakout:
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild.
That’s according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.0).
The issue in question relates to
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident
DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee’s laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company’s systems and data last month.
The CI/CD service CircleCI said the “sophisticated attack” took place on December 16, 2022, and that the malware went undetected by its antivirus
Follow for more…