menu
Feed The Dev

Security

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world...
2024-09-26 16:30
local_offer
News Security
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaig...
2024-09-26 16:13
local_offer
News Security
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking th...
2024-09-26 11:48
local_offer
News Security
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity ha...
2024-09-26 10:19
local_offer
News Security
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. T...
2024-09-25 22:30
local_offer
News Security
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. T...
2024-09-25 22:30
local_offer
News Security
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without ...
2024-09-25 19:42
local_offer
News Security
Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool
Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard ...
2024-09-25 18:08
local_offer
News Security
Expert Tips on How to Spot a Phishing Link
Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's too late. See these key indicators that security experts use to identify phishing links:1. Check Suspicious URL...
2024-09-25 16:50
local_offer
News Security
Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of ...
2024-09-25 15:20
local_offer
News Security
ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function
A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool's memory. The technique, dubbed SpAIware, could be abused ...
2024-09-25 15:01
local_offer
News Security
Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware
Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimat...
2024-09-25 12:33
local_offer
News Security
CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. Th...
2024-09-25 11:31
local_offer
News Security
Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Pl...
2024-09-24 21:43
local_offer
News Security
U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech
The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China (PRC) and Russia. "The pro...
2024-09-24 18:33
local_offer
News Security
Discover Latest Ransomware Tactics and Zero Trust Strategies in This Expert Webinar
Ransomware is no longer just a threat; it's an entire industry. Cybercriminals are growing more sophisticated, and their tactics are evolving rapidly. This persistent danger is a major concern for business leaders. But there's good news: you don't have...
2024-09-24 17:30
local_offer
News Security
Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns
Antivirus vendor Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024, ahead of its formal exit at the end of the month. "Kaspersky antivirus customers received a softwar...
2024-09-24 17:28
local_offer
News Security
The SSPM Justification Kit
SaaS applications contain a wealth of sensitive data and are central to business operations. Despite this, far too many organizations rely on half measures and hope their SaaS stack will remain secure. Unfortunately, this approach is lacking and will l...
2024-09-24 16:30
local_offer
News Security
New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities
Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover (DTO) and perform fraudulent transactions. The new version has been codenamed Octo2 by the...
2024-09-24 15:07
local_offer
News Security
Telegram Agrees to Share User Data With Authorities for Criminal Investigations
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made i...
2024-09-24 12:03
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev