menu
Feed The Dev

Security

New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take s...
2025-06-08 19:17
local_offer
News Security
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. "Some of the phishing emails w...
2025-06-08 13:31
local_offer
News Security
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. "Some of the phishing emails w...
2025-06-08 13:31
local_offer
News Security
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaig...
2025-06-06 21:55
local_offer
News Security
Empower Users and Protect Against GenAI Data Loss
When generative AI tools became widely available in late 2022, it wasn’t just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and ...
2025-06-06 19:11
local_offer
News Security
Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam
India's Central Bureau of Investigation (CBI) has revealed that it has arrested four individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The ...
2025-06-06 18:42
local_offer
News Security
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on jus...
2025-06-06 16:00
local_offer
News Security
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. "The attack was instrumented via a legitimate endpoint administration framework, indicat...
2025-06-06 14:05
local_offer
News Security
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks. "Several widely used extensions [...] unint...
2025-06-05 21:23
local_offer
News Security
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks. "Several widely used extensions [...] unint...
2025-06-05 21:23
local_offer
News Security
Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands
The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint an...
2025-06-05 19:23
local_offer
News Security
Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls an...
2025-06-05 16:55
local_offer
News Security
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware
An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence...
2025-06-05 16:29
local_offer
News Security
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash. "The operators of the BidenCash marketplace use...
2025-06-05 15:46
local_offer
News Security
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security...
2025-06-05 11:07
local_offer
News Security
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google has disclosed details of a financially motivated threat cluster that it said "specialises" in voice phishing (aka vishing) campaigns designed to breach organizations' Salesforce instances for large-scale data theft and subsequent extortion. The ...
2025-06-04 20:54
local_offer
News Security
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been dist...
2025-06-04 18:25
local_offer
News Security
Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era
Traditional data leakage prevention (DLP) tools aren't keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, sig...
2025-06-04 17:43
local_offer
News Security
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating t...
2025-06-04 15:41
local_offer
News Security
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. "These vulnerabi...
2025-06-04 10:53
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev