1917 items
Unread (2155) All Dismissed
HIGH
CVE-2026-9368 (CVSS 7.3) — A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the functi...
NVD CVE-2026-9368 13d ago
HIGH
CVE-2026-9367 (CVSS 7.3) — A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798...
NVD CVE-2026-9367 13d ago
HIGH
CVE-2026-9366 (CVSS 7.3) — A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the functi...
NVD CVE-2026-9366 13d ago
HIGH
CVE-2026-9364 (CVSS 7.3) — A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function ...
NVD CVE-2026-9364 13d ago
HIGH
CVE-2026-9360 (CVSS 8.8) — A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the functi...
NVD CVE-2026-9360 13d ago
HIGH
CVE-2026-9356 (CVSS 7.3) — A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. Th...
NVD CVE-2026-9356 13d ago
HIGH
CVE-2026-9355 (CVSS 7.3) — A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacte...
NVD CVE-2026-9355 13d ago
HIGH
CVE-2026-9353 (CVSS 7.3) — A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is...
NVD CVE-2026-9353 13d ago
HIGH
CVE-2026-9350 (CVSS 7.3) — A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the functi...
NVD CVE-2026-9350 13d ago
HIGH
CVE-2026-9348 (CVSS 8.8) — A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unkn...
NVD CVE-2026-9348 13d ago
HIGH
CVE-2026-9346 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of ...
NVD CVE-2026-9346 13d ago
HIGH
CVE-2026-9345 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurve...
NVD CVE-2026-9345 13d ago
HIGH
CVE-2026-9344 (CVSS 8.8) — A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is ...
NVD CVE-2026-9344 13d ago
HIGH
CVE-2018-25356 (CVSS 8.4) — SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handlin...
NVD CVE-2018-25356 14d ago
HIGH
CVE-2018-25355 (CVSS 8.4) — Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute ar...
NVD CVE-2018-25355 14d ago
HIGH
CVE-2018-25353 (CVSS 8.8) — Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allo...
NVD CVE-2018-25353 14d ago
HIGH
CVE-2018-25352 (CVSS 7.1) — WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulner...
NVD CVE-2018-25352 14d ago
CRITICAL
CVE-2018-25350 (CVSS 9.8) — userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers...
NVD CVE-2018-25350 14d ago
HIGH
CVE-2018-25348 (CVSS 8.2) — Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated...
NVD CVE-2018-25348 14d ago
HIGH
CVE-2018-25347 (CVSS 7.1) — WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authen...
NVD CVE-2018-25347 14d ago
HIGH
CVE-2018-25346 (CVSS 7.1) — WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow auth...
NVD CVE-2018-25346 14d ago
HIGH
CVE-2018-25345 (CVSS 8.4) — 10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field ...
NVD CVE-2018-25345 14d ago
HIGH
CVE-2018-25344 (CVSS 8.4) — 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in th...
NVD CVE-2018-25344 14d ago
HIGH
CVE-2018-25342 (CVSS 8.2) — Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated atta...
NVD CVE-2018-25342 14d ago
HIGH
CVE-2018-25341 (CVSS 8.2) — Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute ...
NVD CVE-2018-25341 14d ago
HIGH
CVE-2018-25340 (CVSS 8.2) — Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute ...
NVD CVE-2018-25340 14d ago
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chainbreachesmalware +81 18d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 25d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
INFO
Siemens gWAP
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 23d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 23d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
INFO
ScadaBR
rss:cisa-advisories 18d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 18d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
INFO
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 17d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 17d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
INFO
ABB B&R PCs
rss:cisa-advisories 16d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
INFO
CISA Security Leak
rss:schneier 15d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 15d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 14d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 14d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 14d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
INFO
ABB Terra AC
rss:cisa-advisories 11d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 11d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
INFO
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
INFO
ABB AC500 V2
rss:cisa-advisories 11d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 11d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 10d ago
INFO
ABB EIBPORT
rss:cisa-advisories 9d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
INFO
XCharge C6
rss:cisa-advisories 9d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 2d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago
HIGH
CVE-2026-46300 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-fr...
NVD CVE-2026-46300 14d ago
HIGH
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
The Hacker News supply-chainbreachesmalware +19 19d ago
INFO
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
rss:darkreading 26d ago
INFO
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
rss:darkreading 25d ago
INFO
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
The Hacker News 24d ago
INFO
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
The Hacker News 24d ago
INFO
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
The Hacker News 22d ago
INFO
Can Laws Stop Deepfakes? South Korea Aims to Find Out
rss:darkreading 19d ago
INFO
Processes and Culture Top Reasons Behind Data Breaches
rss:darkreading 17d ago
INFO
When Identity is the Attack Path
The Hacker News 16d ago
INFO
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The Hacker News 15d ago
INFO
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The Record 15d ago
INFO
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
The Hacker News 14d ago
INFO
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
The Hacker News 12d ago
INFO
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Hacker News 11d ago
INFO
RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
SecurityWeek 10d ago
INFO
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
SecurityWeek 8d ago
INFO
California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer 8d ago
INFO
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
SecurityWeek 3d ago
INFO
Chrome 149 Patches 429 Vulnerabilities
SecurityWeek 1d ago
INFO
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The Record 1d ago
INFO
‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
SecurityWeek breachesransomwaresupply-chain 14d ago
INFO
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
The Hacker News supply-chainbreachesmalware 14d ago
HIGH
CVE-2026-9295 (CVSS 8.8) — A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWireless...
NVD CVE-2026-9295 14d ago
HIGH
CVE-2026-9294 (CVSS 8.8) — A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWa...
NVD CVE-2026-9294 14d ago
CRITICAL
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (LiteSpeed cPanel Plugin)
CISA KEV CVE-2026-48172actively-exploited +2 11d ago
CRITICAL
CVE-2026-48172 (CVSS 9.8) — LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp...
NVD 16d ago
INFO
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News 14d ago
CRITICAL
CVE-2026-9082: Drupal Core SQL Injection Vulnerability (Drupal Core)
CISA KEV CVE-2026-9082actively-exploited +4 15d ago
INFO
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
The Hacker News 16d ago
INFO
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
SecurityWeek 16d ago
INFO
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
SecurityWeek 15d ago
INFO
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The Hacker News 14d ago
HIGH
CVE-2026-9284 (CVSS 8.2) — The WooCommerce PayPal Payments plugin for WordPress is vulnerable to unauthorized order manipulatio...
NVD CVE-2026-9284 14d ago
HIGH
CVE-2026-6898 (CVSS 8.8) — The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a...
NVD CVE-2026-6898 14d ago
HIGH
CVE-2026-6897 (CVSS 8.8) — The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a...
NVD CVE-2026-6897 14d ago
HIGH
CVE-2026-6895 (CVSS 8.8) — The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive...
NVD CVE-2026-6895 14d ago
HIGH
CVE-2026-6419 (CVSS 8.8) — The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authoriza...
NVD CVE-2026-6419 14d ago
CRITICAL
CVE-2026-47280 (CVSS 10) — Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate p...
NVD CVE-2026-47280 14d ago
HIGH
CVE-2026-45659 (CVSS 8.8) — Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to ex...
NVD CVE-2026-45659 +1 14d ago
INFO
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
The Hacker News 11d ago
CRITICAL
CVE-2026-42901 (CVSS 10) — Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges ...
NVD CVE-2026-42901 14d ago
MEDIUM
CVE-2026-42827 (CVSS 6.5) — Improper neutralization of special elements used in a command ('command injection') in M365 Copilot ...
NVD CVE-2026-42827 14d ago
CRITICAL
CVE-2026-41104 (CVSS 10) — Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacke...
NVD CVE-2026-41104 14d ago
CRITICAL
CVE-2026-41090 (CVSS 9.3) — Improper neutralization of special elements used in a command ('command injection') in Microsoft Cop...
NVD CVE-2026-41090 14d ago
CRITICAL
CVE-2026-40412 (CVSS 10) — Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attac...
NVD CVE-2026-40412 14d ago
CRITICAL
CVE-2026-40411 (CVSS 9.9) — Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute ...
NVD CVE-2026-40411 14d ago
HIGH
CVE-2026-35430 (CVSS 8.8) — Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allow...
NVD CVE-2026-35430 14d ago
HIGH The Hacker News Tue, 19 May 2026 05:28:06 UTC
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html
TL;DR AI
Here is a concise summary of the article in 3 sentences: A vulnerability in GitHub Actions workflow, actions-cool/issues-helper, has allowed threat actors to redirect popular GitHub Actions to an imposter commit that steals sensitive credentials and exfiltrates them to an attacker-controlled server. The imposter commit, which contains malicious code that downloads and exfiltrates credentials, has been compromised in two separate GitHub Actions, and 15 additional tags have been targeted, including "actions-cool/maintain-one-comment". The compromised actions have been disabled due to a violation of GitHub's terms of service, and the attackers are likely linked to the Mini Shai-Hulud campaign targeting npm packages from the @antv ecosystem.
supply-chainbreachesmalware
Read full story ↗
Related coverage (81)
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
Fuji Electric Tellus
rss:cisa-advisories 25d ago
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
Siemens gWAP
rss:cisa-advisories 23d ago
Siemens SIMATIC
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Teamcenter
rss:cisa-advisories 23d ago
Siemens Solid Edge
rss:cisa-advisories 23d ago
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Industrial Devices
rss:cisa-advisories 23d ago
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
Siemens SIMATIC
rss:cisa-advisories 23d ago
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
ScadaBR
rss:cisa-advisories 18d ago
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 18d ago
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 17d ago
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 17d ago
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
ABB B&R PCs
rss:cisa-advisories 16d ago
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
CISA Security Leak
rss:schneier 15d ago
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 15d ago
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 14d ago
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 14d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 14d ago
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
ABB Terra AC
rss:cisa-advisories 11d ago
ABB LVS MConfig
rss:cisa-advisories 11d ago
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
ABB AC500 V2
rss:cisa-advisories 11d ago
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 11d ago
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 10d ago
ABB EIBPORT
rss:cisa-advisories 9d ago
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
XCharge C6
rss:cisa-advisories 9d ago
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
NAVTOR NavBox
rss:cisa-advisories 2d ago
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago