Alert - GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

THN Daily Updates [Newsletter]( [cover]( [Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them ($17.00 Value) FREE for a Limited Time]( A robust and engaging account of the single greatest threat faced by AI and ML systems [Download Now]( Sponsored LATEST NEWS Sep 19, 2024 [Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene]( Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector]( Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Security from Code to Cloud]( Develop securely from code to cloud with this DevOps Best Practices guide from Wiz. [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions]( GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CV... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide]( Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typho... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military]( A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Top 10 Cyber Threats You Can’t Afford to Ignore in 2024—Act Now!]( 136M simulated attacks, only 56% logged—Is your system missing key threats? Discover how to improve your defenses. [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Why Pay A Pentester?]( The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine c... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them ($17.00 Value) FREE for a Limited Time]( A robust and engaging account of the single greatest threat faced by AI and ML systems [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please [click here](. Contact THN: info@thehackernews.com [Unsubscribe]( THN | 2nd Floor, 219, K.P BLock, Pitampura, Delhi