-
A newly disclosed attack technique enables authenticated users within the popular GitOps tool ArgoCD to exfiltrate powerful Git credentials. The method, discovered by the cybersecurity research group Future Sight, exploits Kubernetes’ internal DNS resolution to intercept credentials in transit, posing a significant risk to organizations relying on the continuous delivery tool. ArgoCD, a leading project […] The post New Attack Technique That Enables Attackers To Exfiltrate Git Credentials In Argocd appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate updates. This vulnerability, tracked as CVE-2025-58063, stems from incorrect handling of etcd lease IDs. It affects every Co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The revelation that commercially available FlexiSPY spyware was clandestinely installed on devices belonging to Kenyan filmmakers while in police custody has ignited fresh concerns over press freedom and governmental overreach. Forensic analysis conduc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This technique lets an attacker abuse Kubernetes DNS to steal powerful Git credentials from ArgoCD, potentially ta…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel malicious Chrome extension has been uncovered targeting digital marketers by masquerading as a productivity tool for Meta ad campaigns. Dubbed “Madgicx Plus,” this extension is distributed through a network of deceptive websites posing as legitimate AI-driven advertising platforms. Rather than optimizing ad performance, the extension leverages powerful browser permissions to hijack user sessions […] The post Malicious Chrome Extension Attacking Users to Steal Meta Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some passengers. No banking or password data were involved. The company says it is treatin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to be exposed in cleartext under certain non-default configurations. Tracked as CVE-2025-4235, the flaw carries a CVS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated npm supply chain attack that surfaced in late August targeted thousands of downstream projects by injecting malicious payloads into popular JavaScript libraries. Initial reports pointed to a new variant of the notorious Typosquatting technique, but further analysis revealed a more elaborate campaign that leveraged compromised maintainer credentials to publish backdoored modules under legitimate […] The post Hackers Booked Very Little Profit with Widespread npm Supply Chain Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT—via phishing sites hosted on GitHub Pages. These sites masquerade as legitimate software installers for popular applications. In e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
