North Korean state-sponsored cyber actor, TA406, is carrying out phishing attacks and credential-stealing operations against Ukrainian government entities to gather intelligence on the Russian invasion, according to Proofpoint. The group’s tactics involve deploying emails impersonating staff from non-existent organizations and directing recipients to download malicious files. Some of the data collected includes system information and antivirus software details.
GitLab Patches Multiple Duo AI, DoS, and Authorization Flaws in Community and Enterprise Edition
GitLab has released emergency security updates for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple Duo AI, denial‑of‑service, and authorization flaws in recent
