ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.
The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote

Headline

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

The Hacker News: Latest News