.png){kind=logo}
RSS
News
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks -الثلاثاء، 8 أبريل 2025
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities -الثلاثاء، 8 أبريل 2025
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions -الثلاثاء، 1 أبريل 2025
Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions.
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign -الثلاثاء، 1 أبريل 2025
Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals.
Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices -الثلاثاء، 1 أبريل 2025
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.
UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools -الاثنين، 24 مارس 2025
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023.
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe -الاثنين، 24 مارس 2025
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds.
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed -الاثنين، 24 مارس 2025
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope.
New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors -الأربعاء، 19 مارس 2025
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise -الأربعاء، 19 مارس 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.
