menu
Feed The Dev

Security

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. "A sophisticated spear-phishing lure...
2024-10-02 20:38
local_offer
News Security
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. "These vulnerabilities could enable attackers to take contro...
2024-10-02 18:30
local_offer
News Security
Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw rel...
2024-10-02 17:43
local_offer
News Security
5 Must-Have Tools for Effective Dynamic Malware Analysis
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must...
2024-10-02 16:30
local_offer
News Security
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the n...
2024-10-02 15:30
local_offer
News Security
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. ...
2024-10-02 11:26
local_offer
News Security
Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. ...
2024-10-02 11:26
local_offer
News Security
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital asse...
2024-10-02 11:01
local_offer
News Security
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition....
2024-10-01 22:04
local_offer
News Security
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with ...
2024-10-01 16:00
local_offer
News Security
Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft. "For prospective...
2024-10-01 08:00
local_offer
News Security
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Sw...
2024-10-01 06:00
local_offer
News Security
U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be ...
2024-10-01 03:00
local_offer
News Security
THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time,...
2024-09-30 14:00
local_offer
News Security
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. "These vulnerabilities pose significant real-world risks, as they could be explo...
2024-09-30 13:00
local_offer
News Security
Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft).  Attacks on ses...
2024-09-30 13:00
local_offer
News Security
A Hacker's Era: Why Microsoft 365 Protection Reigns Supreme
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool — the platform you rely on for daily operations. In the blink of an eye, hackers encrypt your emails, files, and crucial business dat...
2024-09-30 12:00
local_offer
News Security
Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems. The...
2024-09-30 07:00
local_offer
News Security
Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identi...
2024-09-28 15:24
local_offer
News Security
U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes
U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former officials to steal sensitive data. The D...
2024-09-28 11:33
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev