February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns
Similar Posts
Oregon DEQ won’t say if ransomware group took employee data in cyberattack
Bys sGosia Wozniacka of Oregon Live reports: The Oregon Department of Environmental Quality on Friday declined to confirm or deny reports that a well-known ransomware group stole employee files in a recent cyberattack at the agency. The department faced questions after several cybersecurity websites reported that ransomware group Rhysida is behind the cyberattack at the DEQ…
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Bys sCybersecurity researchers have discovered a malicious npm package named “@acitons/artifact” that typosquats the legitimate “@actions/artifact” package with the intent to target GitHub-owned repositories. “We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Bys sCybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector. The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a legitimate library from Stripe that has over 75 million downloads. It was uploaded by…
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
Bys sA critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible…
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
Bys sFortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762. “A threat actor…
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
Bys sApple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already…