Security Boulevard

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. The post The Trivy Compromise: The Fallacy of Secrets ...
Dark Reading

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

­Microsoft's Windows Hello for Business (WHfB) default phishing-resistant authentication model recently was found susceptible to downgrade attacks, allowing threat actors to crack into even ...