cyber security news

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the…

U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe

Mar 22, 2025Ravie LakshmananFinancial Security / Cryptocurrency The U.S. Treasury Department has announced that it’s removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group… 

UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools

Mar 21, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed… 

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Mar 21, 2025Ravie LakshmananRansomware / BYOVD The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack… 

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Mar 21, 2025Ravie LakshmananMalware / Cyber Attack Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on… 

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Mar 21, 2025Ravie LakshmananCyber Attack / Vulnerability Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed… 

YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

Mar 20, 2025Ravie LakshmananMalware / Threat Analysis YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. “What’s intriguing about this malware is how… 

Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems

Mar 20, 2025Ravie LakshmananVulnerability / Software Update Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as…