menu
Feed The Dev

Security

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
2024-11-06 11:07
local_offer
News Security
Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users
Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a pha...
2024-11-06 11:07
local_offer
News Security
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent ...
2024-11-05 22:45
local_offer
News Security
New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers
Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised dev...
2024-11-05 17:46
local_offer
News Security
Leveraging Wazuh for Zero Trust security
Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted...
2024-11-05 16:30
local_offer
News Security
Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices
Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, t...
2024-11-05 15:04
local_offer
News Security
Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for comma...
2024-11-05 11:03
local_offer
News Security
Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor...
2024-11-05 10:38
local_offer
News Security
Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor...
2024-11-05 10:38
local_offer
News Security
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework compo...
2024-11-05 09:00
local_offer
News Security
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Co...
2024-11-04 19:38
local_offer
News Security
German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested
German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. "The platform made such DDoS attacks ac...
2024-11-04 17:32
local_offer
News Security
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)
This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? 🕵️‍♀️) We're talking...
2024-11-04 16:58
local_offer
News Security
Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)
As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain.  Imper...
2024-11-04 16:30
local_offer
News Security
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first rea...
2024-11-04 15:34
local_offer
News Security
New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information. "FakeCall is an extremely s...
2024-11-04 11:43
local_offer
News Security
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participat...
2024-11-01 19:39
local_offer
News Security
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is est...
2024-11-01 15:57
local_offer
News Security
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, da...
2024-11-01 15:50
local_offer
News Security
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password s...
2024-11-01 15:18
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev