GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos
Unexpected workflow_dispatch runs in the Actions tab could be a warning sign, the researchers said in a blog post. “If you use OIDC federation for…
Latest Cybersecurity News — Page 153
View all →
Ghost hackers: the cybersecurity mystery that nobody has solved
In the long history of hacking, there have been numerous data breaches that, years or even decades later, remain unsolved. Countless hackers and hacking groups behind them have never been unmasked. But…
MITRE moves Caldera cybersecurity platform to Apache Foundation for broader open-source collaboration
Building on nearly a decade of development, not-for-profit organization MITRE is contributing Caldera to the Apache Incubator as Apache Caldera (Incubating). Developed by MITRE with…
House Republicans scrutinize escalating ransomware, nation-state, AI-driven cyber threats targeting state and local governments
Republican lawmakers on the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection warned that state and local governments are facing a rapidly intensifying cyber…
EXPOSURE 2026 preps cybersecurity pros for AI
Cybersecurity leaders and practitioners brought their burning AI cybersecurity questions to EXPOSURE 2026. They left with clear answers and a blueprint for building an exposure…
How Varonis Atlas integrates Claude Compliance API for AI governance
Varonis announced an integration with the Claude Compliance API, bringing Claude Enterprise and Claude Platform activity into Varonis’ Atlas AI Security Platform. Organizations across industries rely on…
Quasar Linux RAT Targets Developers With Fileless Execution and eBPF Rootkit
A newly discovered Linux malware known as Quasar Linux, or QLNX, is actively targeting software developers and DevOps engineers with a level of sophistication rarely…
Q&A – Resilient You: The Cyber Agony Aunts Are Back!
The Cyber Agony Aunts – Rebecca Taylor, Threat Intelligence Knowledge Manager and Researcher at Sophos, and Amelia Hewitt, Founder of CybAid and Co-Founder and Director of Cyber…
CERT-In Mandates 12-Hour Patch Deadline for Internet-Facing Vulnerabilities
India’s national cyber security agency CERT-In has issued a new blueprint that tells organizations to fix critical vulnerabilities in internet‑facing and “crown‑jewel” systems within 12…
Deepfakes And Vishing Scams: Why Every Family Needs A Code Word.
According to the Wall Street Journal, criminals increasingly use generative AI to mimic real people’s voices and con their loved ones out of money. There’s…
Anthropic: Claude Mythos identified 10,000+ software flaws
Anthropic and its Project Glasswing partners have identified more than 10,000 high- or critical-severity vulnerabilities in critical software systems, the company announced in an update…
Fake software on GitHub and SourceForge distribute Deno RAT
During our threat hunting activities, we found fake installers and plugins impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing…