Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow.

This latest attack exploits a South Korean university website hosting a reunification education program, using malicious Hangul Word Processor (HWP) files to infect unsuspecting visitors.

The group stated that it stole sensitive data such as private correspondence, personal information, and official decrees. The ransomware group declared that they had already sold some of the alleged stolen information to third parties.

A Russian security agency has accused Ukraine of hacking two Kremlin-backed youth military-patriotic organizations to gather student data for potential recruitment in espionage or terrorist activities.

The attack campaign, attributed by Proofpoint to a cluster known as UNK_CraftyCamel, employed a sophisticated infection chain to deploy a newly discovered backdoor named Sosano.

Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts.

Some Russians had their internet disrupted on Monday due to a targeted distributed denial-of-service (DDoS) attack on the telecom Beeline — the second major attack on the Moscow-based company in recent weeks.

Poland’s space agency (POLSA) announced on Sunday that it experienced a cyberattack and is currently investigating the situation. The agency has disconnected its network from the internet, rendering its website inaccessible as of Monday.

The Philippine Army has disclosed a cyberattack following reports that a local hacking group claimed to have breached its systems and accessed highly confidential documents.

The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their users.