Large enterprises scramble after supply-chain attack spills their secrets
Open source software used by more than 23,000 organizations, some of them large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer account, in the latest open source supply-chain attack to roil the Internet. The corrupted package, tj-actions/changed-files, is part of tj-actions, a collection of files that’s used by more than 23,000 organizations. Tj-actions is one of many GitHub Actions, a form of platform for streamlining software that is available on the open source developer platform. Actions are a core means of implementing what’s known as CI/CD, short for Continuous Integration and Continuous Deployment (or Continuous Delivery).
Xbox 360 consoles can now be hacked with just a USB key
Xbox 360 modders have discovered a new way to get homebrew apps and games running on the console. A new software-only exploit known as BadUpdate allows you to use a USB key to hack past Microsoft’s Hypervisor protections and run unsigned code and games. Modern Vintage Gamer has tested BadUpdate and found that you don’t even have to open up your Xbox 360 console to get it running. Unlike the RGH or JTAG exploits for the Xbox 360, this BadUpdate method just requires a USB key. If you have the time and patience to get this running successfully, you’ll be able to run the Xbox 360 homebrew store which includes games, apps, emulators, utilities, and even custom dashboards.
Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook—Then a Second Hacker Strikes
In a repeat of a now-familiar playbook, the HELLCAT ransomware group has claimed responsibility for a massive data breach targeting Jaguar Land Rover (JLR), leaking gigabytes of sensitive information including proprietary documents, source code, and employee and partner data. The breach, executed by a threat actor known as “Rey,” mirrors a pattern of attacks Hudson Rock researchers have previously detected against high-profile victims like Telefónica, Schneider Electric, and Orange. At the heart of this latest incident lies a technique that has become HELLCAT’s signature: exploiting Jira credentials harvested from compromised employees who were infected by infostealers.
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
Google is making the biggest acquisition in its history by purchasing cloud security company Wiz in an all-cash deal worth $32 billion. “This acquisition represents an investment by Google Cloud to accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multicloud),” the tech giant said today. It added that the acquisition, which is subject to regulatory approvals, is meant to provide customers with a “comprehensive security platform” that secures modern IT environments. Google Cloud CEO Thomas Kurian said that by bringing its cloud offerings and Wiz together, the move will “spur the adoption of multicloud cybersecurity, the use of multicloud, and competition and growth in cloud computing.”
Massive RSA Encryption Flaw Exposes Millions of IoT Devices to Attack
A major security flaw has been found in RSA encryption keys used across the internet. Researchers discovered that about one in 172 online certificates is at risk due to a mathematical weakness. The issue mainly affects Internet of Things (IoT) devices but could impact any system using improperly generated RSA keys. It arises from poor random number generation during key creation, particularly in devices with limited entropy sources. If RSA keys lack enough randomness, they could share prime factors with other keys, making them easy to break using a factorization attack.
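An added example, not taken from the reported research: a batch-GCD audit that a defender can run over the RSA moduli collected from their own device fleet to flag keys that share a prime with another key. The moduli are tiny constructed values and the device labels are hypothetical.

```python
from math import gcd, prod

def product_tree(moduli):
    """Levels of pairwise products, from the leaves up to a single root."""
    levels = [list(moduli)]
    while len(levels[-1]) > 1:
        row = levels[-1]
        levels.append([prod(row[i:i + 2]) for i in range(0, len(row), 2)])
    return levels

def batch_gcd(moduli):
    """For each n_i, return gcd(n_i, product of all the other moduli)."""
    levels = product_tree(moduli)
    rems = levels.pop()  # root: product of every modulus (empty if no input)
    while levels:
        row = levels.pop()
        # Remainder tree: each child keeps its parent's remainder mod child^2.
        rems = [rems[i // 2] % (n * n) for i, n in enumerate(row)]
    # (P mod n^2) / n is congruent to P / n modulo n, so this gcd is exact.
    return [gcd(n, r // n) for n, r in zip(moduli, rems)]

def audit(keys):
    """keys maps a label to an RSA modulus; returns a finding per weak key."""
    labels = list(keys)
    moduli = [keys[label] for label in labels]
    findings = {}
    for label, n, g in zip(labels, moduli, batch_gcd(moduli)):
        if g == n:
            # Whole modulus divides the rest: reused key or both primes shared.
            findings[label] = "duplicate modulus or both primes shared"
        elif g > 1:
            findings[label] = "shares one prime with another key"
    return findings

# Constructed toy moduli (real keys are 2048 bits or more).
SAMPLE_FLEET = {
    "sensor-a": 101 * 103,  # shares the prime 101 with sensor-b
    "sensor-b": 101 * 107,
    "gateway": 109 * 113,   # independent primes
}

if __name__ == "__main__":
    for label, finding in audit(SAMPLE_FLEET).items():
        print(f"{label}: {finding}; rotate this key")
```

Any key flagged here should be regenerated on a host with a properly seeded random number generator and its certificate reissued.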