Critical Security Incident involving GitHub Action tj-actions/changed-files

A critical security incident involving the tj-actions/changed-files GitHub Action has been reported. The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including Read More …

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild during routine threat hunting. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, Read More …

Israel: Unit 8200 created AI language learning tool from intercepted Palestinian Arabic comms

Israel’s military surveillance Unit 8200 has reportedly developed a vast database of intercepted Palestinian communications in order to construct an artificial intelligence tool similar to ChatGPT, a joint investigation by The Guardian, +972 Magazine and Mekomit alleged on Thursday. Israel Read More …

The GitVenom campaign: cryptocurrency theft using GitHub

In our modern world, it’s difficult to underestimate the impact that open-source code has on software development. Over the years, the global community has managed to publish a tremendous number of projects with freely accessible code that can be viewed Read More …

Product Security Bad Practices

As outlined in the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Secure by Design initiative, software manufacturers should ensure that security is a core consideration from the onset of software development and throughout the entirety of the development lifecycle. This voluntary Read More …

Israeli spyware startup Paragon acquired by U.S.-based private equity fund for up to $900M

Israeli offensive cyber company Paragon will be acquired by the U.S.-based private equity fund AE Industrial Partners for an initial payment of $500 million, with an additional $400 million contingent on meeting business milestones. Despite the acquisition, Paragon will remain Read More …

Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers

Many software manufacturers and service providers deploy software and configuration updates as part of their service offerings. These updates may enhance features and/or address security vulnerabilities to provide benefits and security to customers. However, software and the systems that deploy Read More …

Internet surveillance firm Sandvine says it’s leaving 56 ‘non-democratic’ countries

Sandvine, the makers of surveillance-ware that allowed authoritarian countries to censor the internet and spy on their citizens, announced that it is leaving dozens of “non-democratic” countries as part of a major overhaul of the company. The company, which was Read More …

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

Unit 42 researchers have been tracking the activity of an ongoing poisoned Python packages campaign delivering Linux and macOS backdoors via infected Python software packages. Unit 42 researchers named these infected software packages PondRAT. They’ve also found Linux variants of Read More …

Missing tycoon’s co-defendant fatally struck by car

The co-defendant of British tech tycoon Mike Lynch – who is currently missing in Italy – has died after being hit by a car. Stephen Chamberlain, 52, was Mr Lynch’s co-defendant in his US fraud trial in which both men Read More …