menu
Feed The Dev

Security

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs). The activity employs Cloudflare-themed Cli...
2025-07-24 20:43
local_offer
News Security
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution.  The two vulnerabilities impacting Sophos Firewall are...
2025-07-24 19:44
local_offer
News Security
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them
Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, ...
2025-07-24 17:06
local_offer
News Security
Pentests once a year? Nope. It’s time to build an offensive SOC
You wouldn’t run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and to find your network’s weaknesses before adversaries do. But in ma...
2025-07-24 16:30
local_offer
News Security
China-Based APTs Deploy Fake Dalai Lama Apps to Spy on Tibetan Community
The Tibetan community has been targeted by a China-nexus cyber espionage group as part of two campaigns conducted last month ahead of the Dalai Lama's 90th birthday on July 6, 2025. The multi-stage attacks have been codenamed Operation GhostChat and Op...
2025-07-24 16:29
local_offer
News Security
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared Wednesday, said the findings are based on an "expanded anal...
2025-07-24 16:07
local_offer
News Security
Europol Arrests XSS Forum Admin in Kyiv After 12-Year Run Operating Cybercrime Marketplace
Europol on Monday announced the arrest of the suspected administrator of XSS.is (formerly DaMaGeLaB), a notorious Russian-speaking cybercrime platform. The arrest, which took place in Kyiv, Ukraine, on July 222, 2025, was led by the French Police and P...
2025-07-24 12:18
local_offer
News Security
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access
Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the "mu-plugins" directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions. Must-use plugins (aka mu-plugins) are ...
2025-07-24 10:41
local_offer
News Security
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo ...
2025-07-23 22:45
local_offer
News Security
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. "The new Coyote variant is targeting Brazilian users, and u...
2025-07-23 18:28
local_offer
News Security
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecti...
2025-07-23 16:30
local_offer
News Security
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks. "As supply chain attacks continue to target widely-used dependencies, OSS Re...
2025-07-23 14:58
local_offer
News Security
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in questi...
2025-07-23 11:53
local_offer
News Security
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation....
2025-07-23 10:10
local_offer
News Security
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant ...
2025-07-22 21:15
local_offer
News Security
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. "In July 2025, the Cisco PSIRT [Product Security Incid...
2025-07-22 18:38
local_offer
News Security
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.  The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking gro...
2025-07-22 18:30
local_offer
News Security
How to Advance from SOC Manager to CISO?
Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but also leadership skills and business smarts...
2025-07-22 16:30
local_offer
News Security
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting a...
2025-07-22 13:29
local_offer
News Security
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite i...
2025-07-21 22:48
local_offer
News Security

About Feed The Dev

Feed The Dev is a simple news aggragator for developers created by Alex Seifert. It collects news from various sources and displays them in one place.

Find out more on the about page.

Add a Feed

If there is a news source that you would like to see on Feed The Dev, please see this Github repository for instructions.

Popular Tags

News Operating Systems Microsoft Windows Open Source Apple iOS macOS iPad iPhone Mac Hardware

Support Feed The Dev

If you enjoy using Feed The Dev, please consider a donation to help keep the site running and the content coming!

Feed The Dev