menu
Feed The Dev

Security

Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025
In today’s rapidly evolving digital landscape, weak identity security isn’t just a flaw—it’s a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and agin...
2025-02-21 17:10
local_offer
News Security
AI-Powered Deception is a Menace to Our Societies
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how differe...
2025-02-21 16:30
local_offer
News Security
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S...
2025-02-21 13:08
local_offer
News Security
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active explo...
2025-02-21 12:56
local_offer
News Security
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed De...
2025-02-20 19:07
local_offer
News Security
PCI DSS 4.0 Mandates DMARC By 31st March 2025
The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against...
2025-02-20 16:51
local_offer
News Security
Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoL...
2025-02-20 16:51
local_offer
News Security
China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoL...
2025-02-20 16:51
local_offer
News Security
Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives
A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used in the attack, jarsigner, is a...
2025-02-20 16:42
local_offer
News Security
Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now
For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchan...
2025-02-20 15:30
local_offer
News Security
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions. The vulnerability, tracked as CVE-2024-122...
2025-02-20 10:06
local_offer
News Security
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below - CVE-2025-21355 (CVSS score: 8.6) - Mic...
2025-02-20 09:59
local_offer
News Security
Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes
Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligne...
2025-02-19 22:29
local_offer
News Security
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked in...
2025-02-19 18:15
local_offer
News Security
The Ultimate MSP Guide to Structuring and Selling vCISO Services
The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer virtual Chief Information Security Officer (vCISO) services—deliver...
2025-02-19 16:30
local_offer
News Security
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybers...
2025-02-19 15:05
local_offer
News Security
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active expl...
2025-02-19 10:18
local_offer
News Security
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain c...
2025-02-18 21:04
local_offer
News Security
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsof...
2025-02-18 20:39
local_offer
News Security
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates
Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the inform...
2025-02-18 18:30
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev