menu
Feed The Dev

Security

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seem...
2024-10-10 12:48
local_offer
News Security
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tr...
2024-10-10 11:14
local_offer
News Security
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in t...
2024-10-10 09:54
local_offer
News Security
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real...
2024-10-09 22:30
local_offer
News Security
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities co...
2024-10-09 21:03
local_offer
News Security
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part ...
2024-10-09 19:03
local_offer
News Security
Social Media Accounts: The Weak Link in Organizational SaaS Security
Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many ...
2024-10-09 16:30
local_offer
News Security
Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are ...
2024-10-09 12:23
local_offer
News Security
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad an...
2024-10-09 09:52
local_offer
News Security
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patc...
2024-10-08 22:08
local_offer
News Security
Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines
Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine ...
2024-10-08 21:56
local_offer
News Security
Cyberattack Group 'Awaken Likho' Targets Russian Government with Advanced Tools
Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. "The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had prev...
2024-10-08 16:47
local_offer
News Security
New Case Study: The Evil Twin Checkout Page
Is your store at risk? Discover how an innovative web security solution saved one global online retailer and its unsuspecting customers from an “evil twin” disaster. Read the full real-life case study here. The Invisible Threat in Online Shopping W...
2024-10-08 16:28
local_offer
News Security
The Value of AI-Powered Identity
Introduction Artificial intelligence (AI) deepfakes and misinformation may cause worry in the world of technology and investment, but this powerful, foundational technology has the potential to benefit organizations of all kinds when harnessed appropri...
2024-10-08 15:40
local_offer
News Security
GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets
A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a So...
2024-10-08 14:51
local_offer
News Security
Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday
Ukraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters. The incident took place on the night of October 7, VGTRK confirmed, desc...
2024-10-08 11:19
local_offer
News Security
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (C...
2024-10-08 09:37
local_offer
News Security
Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually
Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales...
2024-10-07 16:55
local_offer
News Security
Modernization of Authentication: Webinar on MFA, Passwords, and the Shift to Passwordless
The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizat...
2024-10-07 15:35
local_offer
News Security
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issue...
2024-10-07 15:29
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev