Aqua Compass MCP server enables real-time investigation and containment of runtime threats 2026-04-23 at 15:52 By Industry News Aqua Security has announced Aqua Compass, a Model Context Protocol (MCP) server that enables agentic investigation, containment and remediation of runtime incidents, and new runtime risk dashboards. These capabilities help security teams move beyond identifying risk and […]
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation 2026-03-27 at 12:43 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for building AI agents and
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks 2026-03-25 at 14:01 By Zeljka Zorz A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in late 2025. The latest victim of the group is BerryAI’s popular
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks Read More »
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack 2026-03-23 at 16:12 By Ionut Arghire Hackers published a malicious scanner release and replaced tags to point to information-stealer malware. The post Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack Read More »
Aqua Security unveils Secure AI for protecting workloads from code to cloud 2025-04-29 at 12:02 By Industry News Aqua Security has unveiled the next phase of its AI security strategy with the introduction of Secure AI, full lifecycle security from code to cloud to prompt. These new capabilities secure AI applications through the development process
Aqua Security unveils Secure AI for protecting workloads from code to cloud Read More »
Linux systems targeted with stealthy “Perfctl” cryptomining malware 2024-10-07 at 15:46 By Zeljka Zorz Thousands of Linux systems are likely infected with the highly elusive and persistent “perfctl” (or “perfcc“) cryptomining malware and many others still could be at risk of getting compromised, Aqua Security researchers revealed last week. “In all the attacks observed, the
Linux systems targeted with stealthy “Perfctl” cryptomining malware Read More »
PostgreSQL databases under attack 2024-08-21 at 16:16 By Zeljka Zorz Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the threat actor: Creates a new
PostgreSQL databases under attack Read More »
Traceeshark: Open-source plugin for Wireshark 2024-08-08 at 08:01 By Mirko Zorz Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level event and behavioral detection alongside network traffic. With Traceeshark,
Traceeshark: Open-source plugin for Wireshark Read More »
Developer errors lead to long-term exposure of sensitive data in Git repos 2024-06-26 at 15:01 By Help Net Security Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s latest research. By scanning the most popular 100 organizations on GitHub,
Developer errors lead to long-term exposure of sensitive data in Git repos Read More »
Understanding cyber risks beyond data breaches 2024-05-20 at 06:01 By Help Net Security While some may associate cyber risks primarily with technology and data breaches, they can also lead to brand or reputational harm, reduced productivity, and financial losses. This Help Net Security round-up presents excerpts from previously recorded videos featuring security experts covering a
Understanding cyber risks beyond data breaches Read More »
Exposing the top cloud security threats 2024-04-15 at 07:01 By Help Net Security Many companies consider AI-powered threats to be the top cloud security threat to their business. Concerningly, less than half are confident in their ability to tackle those threats, according to a recent Aqua Security survey. In this Help Net Security video, Michal
Exposing the top cloud security threats Read More »
Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention 2024-01-05 at 06:32 By Help Net Security The motivations behind cyberattacks are as diverse as the methods employed. Whether driven by financial gain, political agendas, or sheer malice, cybercriminals exploit weaknesses in cybersecurity defenses, seeking entry points to compromise sensitive data, disrupt critical
Aqua Security Scores $60M Series E Funding 2024-01-03 at 23:01 By Ryan Naraine Late-stage player in the CNAPP space secures a $60 million extended Series E funding round at a valuation north of $1 billion. The post Aqua Security Scores $60M Series E Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Aqua Security Scores $60M Series E Funding Read More »
Tackling cloud security challenges head-on 2023-12-26 at 07:32 By Help Net Security Cloud security is a critical aspect of modern computing, as businesses and individuals increasingly rely on cloud services to store, process, and manage data. Cloud computing offers numerous benefits, including scalability, flexibility, and cost efficiency, but it also introduces unique security challenges that
Tackling cloud security challenges head-on Read More »
Infosec products of the month: November 2023 30/11/2023 at 06:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, IRONSCALES, Kasada, Lacework, Malwarebytes, OneSpan, Paladin Cloud, Snappt, ThreatModeler, and Varonis.
Infosec products of the month: November 2023 Read More »
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets 22/11/2023 at 20:31 By Ryan Naraine Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.” The post Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets appeared first on
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets Read More »
New infosec products of the week: November 10, 2023 10/11/2023 at 08:48 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, ARMO, Druva, IRONSCALES, Malwarebytes, and Varonis. Varonis enhances its Microsoft 365 offering to prevent sensitive email exposure Varonis announced major enhancements to
New infosec products of the week: November 10, 2023 Read More »
Open-source vulnerability disclosure: Exploitable weak spots 09/11/2023 at 15:17 By Zeljka Zorz Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “half-day” and “0.75-day” vulnerabilities “Half-day” vulnerabilities are known
Open-source vulnerability disclosure: Exploitable weak spots Read More »
Aqua Trivy open-source security scanner now finds Kubernetes security risks 08/11/2023 at 08:31 By Mirko Zorz The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua
Aqua Trivy open-source security scanner now finds Kubernetes security risks Read More »
Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications
Looney Tunables bug exploited for cryptojacking Read More »