Turngate

GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog

The folks at Koi discovered GlassWorm, the world's first worm targeting VS Code extensions on OpenVSX marketplace.

www.koi.ai/blog/glasswo...

In case you didn't hear, F5 has reported that a "nation-state threat actor maintained long-term, persistent access to, and downloaded files from, certain F5 systems,” including source code and vulnerability info.

www.helpnetsecurity.com/2025/10/15/f...

F5's statement:

my.f5.com/manage/s/art...

Experts warn a maximum severity GoAnywhere MFT flaw is now being exploited as a zero day A patch is already released, so hurry up

GoAnywhere MFT is warning users to install a new patch that fixes a deserialization vulnerability in the License Servlet that allows threat actors to run command injection attacks.

www.techradar.com/pro/security...

Insider Risk 101: Build a Program Without Breaking the Bank A defender’s guide to insider risk. What it is, how it differs from insider threat, and a middle-ground program that uses metadata, lightweight DLP, and Turngate to spot problems early without turning...

When building an insider risk program, practicality is key. That is why our latest blog post lays out a middle-ground approach that is budget friendly and allows you to spot problems early with clarity, and without creating a jumbo-sized project.

www.turngate.io/blog/insider...

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | Google Cloud Blog BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.

The Google Threat Intelligence Group has published a report about the BRICKSTORM malware that has been allowing backdoor access across sectors for the last year.

cloud.google.com/blog/topics/...

Seven Steps to Set Up a SOC Without a Traditional SIEM At Turngate, we’re here to challenge the idea that you can’t properly identify key security events in your SOC without SIEM.

Good security investigations are about strategy, not spectacle. In our latest blogpost, we lay out a seven step budget- and user-friendly approach on setting up a SOC without a SIEM to make the most of your log data.

www.turngate.io/blog/seven-s...

SaaS Security Capability Framework (SSCF) | CSA The SaaS Security Capability Framework defines configurable, consumable, and customer-facing security controls provided by SaaS vendors to their customers.

The Cloud Security Alliance announced the launch of the SaaS Security Capability Framework (SSCF), a new technical framework that defines configurable, consumable, and customer-facing security controls provided by SaaS vendors to their customers.

cloudsecurityalliance.org/artifacts/sa...

If you have been wanting more information on the Salesforce Drift breach, Tom Uren breaks down the authorization sprawl attack as well as the responses from the victim organizations.

www.lawfaremedia.org/article/expl...

Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain Effective OAuth token management is crucial for supply chain security, preventing breaches caused by dormant integrations, insecure storage or lack of rotation.

This week Turngate hosted a mixer where we discussed current OAuth concerns. This article by Bill Batchelor, Eyal Rafian, and Nathaniel Quist expands on that with their own insights on OAuth token risks and best practices organizations can implement.

unit42.paloaltonetworks.com/third-party-...

A deep dive into Cloudflare’s September 12, 2025 dashboard and API outage Cloudflare’s Dashboard and a set of related APIs were unavailable or partially available for an hour starting on Sep 12, 17:57 UTC. The outage did not affect the serving of cached files via the Cloud...

If you were affected by the Cloudflare outage last Friday, they released a blogpost this weekend detailing how a bug in the dashboard caused repeated, unnecessary calls to the Tenant Service API which ultimately overwhelmed the service.

blog.cloudflare.com/deep-dive-in...

Secure access, minimize tech debt: a browser-based strategy for the SaaS-driven enterprise Reimagining browser access to eliminate tech debt

We found an interesting article about the risks associated with the growing tech debt within the SaaS world.

www.techradar.com/pro/secure-a...

So, as we are new here we wanted to introduce ourselves! If you want to know more, check out turngate.io

Hello, World!