News • Insights • Analysis
Trend Micro researchers recently found the existence of a new stealer binary that collects browser and cryptocurrency wallet data, system information, and common files, among others. The researchers designated this new stealer BoryptGrab. Certain variants of the stealer can download Read More …
In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided Read More …
Experts have revealed several critical vulnerabilities in GitHub Actions workflows which could pose serious risks to some major open source projects. A recent investigation by Sysdig’s Threat Research Team (TRT) has exposed how misconfigurations, particularly involving the pull_request_target trigger, could Read More …
A critical security incident involving the tj-actions/changed-files GitHub Action has been reported. The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including Read More …
In our modern world, it’s difficult to underestimate the impact that open-source code has on software development. Over the years, the global community has managed to publish a tremendous number of projects with freely accessible code that can be viewed Read More …
GitHub has revealed it was hit with what may be the largest-ever distributed denial of service (DDoS) attack. The first portion of the attack against the developer platform peaked at 1.35Tbps, and there was a second 400Gbps spike later. This Read More …