VMware Tanzu Spring Security: Attackers can log in malicious clients

Due to security issues, authentication is bypassable in the context of VMware Tanzu Spring Security, among other things.

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...
Gulf Business

Jet fuel prices double — here’s how global airlines are scrambling to respond

Jet fuel prices have surged to as much as $200 a barrel in recent weeks, forcing airlines worldwide to raise fares, cut capacity and reassess earnings as costs spiral ...