1917 items
Unread (2155) All Dismissed
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chainbreachesmalware +81 18d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 25d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
INFO
Siemens gWAP
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 23d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 23d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
INFO
ScadaBR
rss:cisa-advisories 18d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 18d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
INFO
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 17d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 17d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
INFO
ABB B&R PCs
rss:cisa-advisories 16d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
INFO
CISA Security Leak
rss:schneier 15d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 15d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 14d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 14d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 14d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
INFO
ABB Terra AC
rss:cisa-advisories 11d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 11d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
INFO
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
INFO
ABB AC500 V2
rss:cisa-advisories 11d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 11d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 10d ago
INFO
ABB EIBPORT
rss:cisa-advisories 9d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
INFO
XCharge C6
rss:cisa-advisories 9d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 2d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago
INFO
Agent AI is Coming. Are You Ready?
The Hacker News supply-chainbreachesmalware 17d ago
HIGH
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
The Hacker News supply-chainbreachesmalware +16 17d ago
INFO
The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)
rss:unit42 36d ago
INFO
Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
rss:darkreading 25d ago
HIGH
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
The Hacker News 23d ago
HIGH
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
The Hacker News 19d ago
HIGH
Developer Workstations Are Now Part of the Software Supply Chain
The Hacker News 19d ago
HIGH
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
The Hacker News 19d ago
HIGH
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
The Hacker News 18d ago
INFO
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
SecurityWeek 17d ago
INFO
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
The Hacker News 12d ago
INFO
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
The Hacker News 8d ago
INFO
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
The Hacker News 5d ago
INFO
Red Hat npm packages compromised to steal developer credentials
BleepingComputer 5d ago
INFO
Supply Chain Attack Hits 32 Red Hat NPM Packages
SecurityWeek 4d ago
INFO
New IronWorm malware hits 36 packages in npm supply-chain attack
BleepingComputer 2d ago
INFO
Rust-Written IronWorm Hits NPM Supply Chain
rss:darkreading 2d ago
INFO
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
The Hacker News 1d ago
INFO
Caught Off Guard: Securing AI After It Hits Production
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem
The Hacker News supply-chainbreachesmalware 17d ago
HIGH
CVE-2026-9064 (CVSS 7.5) — A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does...
NVD CVE-2026-9064 17d ago
CRITICAL
CVE-2026-42960 (CVSS 10) — NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous rec...
NVD CVE-2026-42960CVE-2025-11411 17d ago
HIGH
CVE-2026-42959 (CVSS 7.5) — NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the D...
NVD CVE-2026-42959 17d ago
HIGH
CVE-2026-42944 (CVSS 7.5) — NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in hea...
NVD CVE-2026-42944 17d ago
HIGH
CVE-2026-41292 (CVSS 7.5) — NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service atta...
NVD CVE-2026-41292 17d ago
HIGH
CVE-2026-40622 (CVSS 7.5) — NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domai...
NVD CVE-2026-40622 17d ago
CRITICAL
CVE-2026-33278 (CVSS 9.8) — NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC valid...
NVD CVE-2026-33278 17d ago
INFO
Real-World ICS Security Tales From the Trenches
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
Virtual Event Today: Threat Detection & Incident Response Summit
SecurityWeek breachesransomwaresupply-chain 17d ago
HIGH
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
The Hacker News supply-chainbreachesmalware +3 25d ago
INFO
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
rss:darkreading 30d ago
INFO
GitHub Confirms Hack Impacting 3,800 Internal Repositories
SecurityWeek 17d ago
INFO
The Hackers Behind Shai-Hulud: Lucky or Skilled?
rss:darkreading 11d ago
INFO
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
The Hacker News CVE-2026-45585supply-chainbreaches 17d ago
HIGH
CVE-2026-5200 (CVSS 8.8) — The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugi...
NVD CVE-2026-5200 17d ago
INFO
Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East
rss:darkreading breachesmalwarethreat-actors +1 17d ago
INFO
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
The Hacker News 19d ago
HIGH
CVE-2026-7522 (CVSS 8.8) — The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion i...
NVD CVE-2026-7522 17d ago
HIGH
CVE-2026-9010 (CVSS 7.5) — The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and '...
NVD CVE-2026-9010 17d ago
HIGH
CVE-2026-9003 (CVSS 7.5) — E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauth...
NVD CVE-2026-9003 17d ago
CRITICAL
CVE-2026-7637 (CVSS 9.8) — The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and includin...
NVD CVE-2026-7637 17d ago
MEDIUM
CVE-2026-24215 (CVSS 5.7) — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could...
NVD CVE-2026-24215 17d ago
HIGH
CVE-2026-24214 (CVSS 8) — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could ...
NVD CVE-2026-24214 17d ago
HIGH
CVE-2026-24213 (CVSS 8) — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could ...
NVD CVE-2026-24213 17d ago
MEDIUM
CVE-2026-24208 (CVSS 5.3) — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path travers...
NVD CVE-2026-24208 17d ago
HIGH
CVE-2026-24206 (CVSS 7.3) — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authenticat...
NVD CVE-2026-24206 17d ago
HIGH
CVE-2026-24163 (CVSS 7.5) — NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could ca...
NVD CVE-2026-24163 17d ago
MEDIUM
CVE-2026-24160 (CVSS 5.5) — NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked...
NVD CVE-2026-24160 17d ago
MEDIUM
CVE-2026-24142 (CVSS 6.3) — NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized han...
NVD CVE-2026-24142 17d ago
HIGH
CVE-2025-33255 (CVSS 7.5) — NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could caus...
NVD CVE-2025-33255 17d ago
INFO
What It'll Take to Make AI BOMs Usable in a Modern Security Program
rss:darkreading breachesmalwarethreat-actors 17d ago
HIGH
CVE-2026-7467 (CVSS 8.8) — The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions...
NVD CVE-2026-7467 18d ago
CRITICAL
CVE-2026-7284 (CVSS 9.8) — The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to p...
NVD CVE-2026-7284 18d ago
CRITICAL
CVE-2026-6555 (CVSS 9.8) — The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up...
NVD CVE-2026-6555 18d ago
HIGH
CVE-2026-6456 (CVSS 8.8) — The Account Switcher plugin for WordPress is vulnerable to Privilege Escalation in all versions up t...
NVD CVE-2026-6456 18d ago
HIGH
CVE-2026-43618 (CVSS 8.1) — Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token deco...
NVD CVE-2026-43618 18d ago
HIGH
CVE-2026-3985 (CVSS 7.5) — The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is vulnerabl...
NVD CVE-2026-3985 18d ago
HIGH
Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
SecurityWeek breachesransomwaresupply-chain +4 18d ago
INFO
Most Remediation Programs Never Confirm the Fix Actually Worked
The Hacker News 24d ago
INFO
Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut
rss:darkreading 18d ago
INFO
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
rss:darkreading 15d ago
INFO
What 2026 DBIR Confirms: Attacks Are Living in the Browser
BleepingComputer 1d ago
CRITICAL
CVE-2008-4250: Microsoft Windows Buffer Overflow Vulnerability (Microsoft Windows)
CISA KEV CVE-2008-4250actively-exploited 18d ago
CRITICAL
CVE-2009-1537: Microsoft DirectX NULL Byte Overwrite Vulnerability (Microsoft DirectX)
CISA KEV CVE-2009-1537actively-exploited 18d ago
CRITICAL
CVE-2009-3459: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability (Adobe Acrobat and Reader)
CISA KEV CVE-2009-3459actively-exploited 18d ago
CRITICAL
CVE-2010-0806: Microsoft Internet Explorer Use-After-Free Vulnerability (Microsoft Internet Explorer)
CISA KEV CVE-2010-0806actively-exploited 18d ago
CRITICAL
CVE-2026-41091: Microsoft Defender Link Following Vulnerability (Microsoft Defender)
CISA KEV CVE-2026-41091actively-exploited +2 18d ago
HIGH
CVE-2026-41091 (CVSS 7.8) — Improper link resolution before file access ('link following') in Microsoft Defender allows an autho...
NVD 17d ago
INFO
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
The Hacker News 16d ago
CRITICAL
CVE-2026-45498: Microsoft Defender Denial of Service Vulnerability (Microsoft Defender)
CISA KEV CVE-2026-45498actively-exploited +1 18d ago
MEDIUM
CVE-2026-45498 (CVSS 4) — Microsoft Defender Denial of Service Vulnerability
NVD 17d ago
INFO
Infosecurity Europe
rss:darkreading breachesmalwarethreat-actors 17d ago
INFO
[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You
rss:darkreading breachesmalwarethreat-actors 17d ago
INFO
What Will Make AI BOMs Real?
rss:darkreading breachesmalwarethreat-actors 18d ago
HIGH The Hacker News Tue, 19 May 2026 05:28:06 UTC
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html
TL;DR AI
Here is a concise summary of the article in 3 sentences: A vulnerability in GitHub Actions workflow, actions-cool/issues-helper, has allowed threat actors to redirect popular GitHub Actions to an imposter commit that steals sensitive credentials and exfiltrates them to an attacker-controlled server. The imposter commit, which contains malicious code that downloads and exfiltrates credentials, has been compromised in two separate GitHub Actions, and 15 additional tags have been targeted, including "actions-cool/maintain-one-comment". The compromised actions have been disabled due to a violation of GitHub's terms of service, and the attackers are likely linked to the Mini Shai-Hulud campaign targeting npm packages from the @antv ecosystem.
supply-chainbreachesmalware
Read full story ↗
Related coverage (81)
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
Fuji Electric Tellus
rss:cisa-advisories 25d ago
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
Siemens gWAP
rss:cisa-advisories 23d ago
Siemens SIMATIC
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Teamcenter
rss:cisa-advisories 23d ago
Siemens Solid Edge
rss:cisa-advisories 23d ago
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
Siemens Industrial Devices
rss:cisa-advisories 23d ago
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
Siemens SIMATIC
rss:cisa-advisories 23d ago
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
ScadaBR
rss:cisa-advisories 18d ago
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 18d ago
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 17d ago
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 17d ago
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
ABB B&R PCs
rss:cisa-advisories 16d ago
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
CISA Security Leak
rss:schneier 15d ago
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 15d ago
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 14d ago
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 14d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 14d ago
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
ABB Terra AC
rss:cisa-advisories 11d ago
ABB LVS MConfig
rss:cisa-advisories 11d ago
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
ABB AC500 V2
rss:cisa-advisories 11d ago
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 11d ago
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 10d ago
ABB EIBPORT
rss:cisa-advisories 9d ago
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
XCharge C6
rss:cisa-advisories 9d ago
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
NAVTOR NavBox
rss:cisa-advisories 2d ago
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago