menu
Feed The Dev

Security

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing ma...
2025-03-13 20:56
local_offer
News Security
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking users. Lookout, which shared details of the malware campaign, said the ea...
2025-03-13 19:53
local_offer
News Security
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-st...
2025-03-13 17:56
local_offer
News Security
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments,...
2025-03-13 16:30
local_offer
News Security
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicat...
2025-03-13 12:43
local_offer
News Security
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. "On March 14, 2025, a root certificate used to verify signed ...
2025-03-13 12:38
local_offer
News Security
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infr...
2025-03-12 19:38
local_offer
News Security
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. "At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simult...
2025-03-12 17:26
local_offer
News Security
Pentesters: Is AI Coming for Your Role?
We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to fin...
2025-03-12 15:55
local_offer
News Security
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of the 56 flaws, six are rated Critical, 50 are rated Impor...
2025-03-12 15:22
local_offer
News Security
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser e...
2025-03-12 09:32
local_offer
News Security
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government ...
2025-03-11 20:05
local_offer
News Security
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-13...
2025-03-11 18:00
local_offer
News Security
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-13...
2025-03-11 18:00
local_offer
News Security
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats
In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security, believing that patched vulnerabilities, up-to-date tools, polished dashboards, and glowing risk scores guarantee safety. The reality is a...
2025-03-11 16:55
local_offer
News Security
Steganography Explained: How XWorm Hides Inside Images
Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a paylo...
2025-03-11 16:00
local_offer
News Security
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambo...
2025-03-11 12:30
local_offer
News Security
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297, has been assigned a CVS...
2025-03-11 12:15
local_offer
News Security
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploi...
2025-03-11 09:28
local_offer
News Security
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and ...
2025-03-10 20:17
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev