Supply chain attack on Axios npm package: Scope, impact, and remediations
The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft. Scan your environment now.
What’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protection
Stop the noise and scale your cloud security. Our latest updates introduce custom policy automation via Explorer, AWS ABAC support for true least privilege, and research-backed protection against critical vulnerabilities, all designed to slash MTTR without disrupting your DevOps workflows.
Bolster your defenses and close the code-to-cloud gap with Tenable and OX
Today, cloud security teams face fragmented visibility and the challenge of prioritizing risks while identifying fix owners. A new joint solution from Tenable and OX helps you close the code-to-cloud gap from development through runtime. By combining CNAPP with deep AppSec, this integration is…
LeakyLooker: Hacking Google Cloud’s Data via Dangerous Looker Studio Vulnerabilities
Tenable Research revealed "LeakyLooker," a set of nine novel cross-tenant vulnerabilities in Google Looker Studio. These flaws could have let attackers exfiltrate or modify data across Google services like BigQuery and Google Sheets. Google has since remediated all identified issues.
New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware
Tenable Research investigated a malicious npm package with around 50,000 downloads in the public registry. We observed various detection-evasion techniques and saw it deploy multiple powerful open-source malware variants.
La trappola della velocità del cloud e dell'IA: perché la governance è in ritardo rispetto all'innovazione
L'adozione dell'IA sta superando la tradizionale governance informatica. Il "Tenable Cloud and AI Security Risk Report 2026" rivela come identità con privilegi eccessivi e dipendenze della catena di approvvigionamento non monitorate lascino le organizzazioni esposte. Proponiamo 10 tattiche per bloccare i percorsi di attacco più critici.
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem)
Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. Google moved swiftly to patch these issues. Organizations running Looker on-prem should verify they have upgraded to the patched versions.
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More
Tenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers.
Tenable Is a Gartner® Peer Insights™ Customers’ Choice for Cloud-Native Application Protection Platforms
This recognition — based entirely on feedback from the people who use our products every day — to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations worldwide.
La regola del 3%: come silenziare il 97% degli avvisi del cloud e garantire maggiore sicurezza
Prioritizzare ciò che deve essere risolto prima e perché è davvero importante
Complying with the Monetary Authority of Singapore’s Cloud Advisory: How Tenable Can Help
The Monetary Authority of Singapore’s cloud advisory, part of its 2021 Technology Risk Management Guidelines, advises financial institutions to move beyond siloed monitoring to adopt a continuous, enterprise-wide approach. These firms must undergo annual audits. Here’s how Tenable can help.
Securing Federal Cloud Environments: Overcoming 5 Key Challenges with Tenable Cloud Security
U.S. government agencies face unique challenges as they adopt cloud technologies to meet digital modernization initiatives and adhere to a cloud-first policy. Here’s how Tenable Cloud Security FedRAMP can help.
