1879 items
Unread (2116) All Dismissed
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chainbreachesmalware +81 17d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 24d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 24d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 24d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 24d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 24d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 24d ago
INFO
Siemens Siemens ROS#
rss:cisa-advisories 22d ago
INFO
Siemens gWAP
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 22d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 22d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 22d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 22d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 22d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 22d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 19d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 17d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 17d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 17d ago
INFO
ScadaBR
rss:cisa-advisories 17d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 17d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 17d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 16d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 16d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 16d ago
INFO
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 16d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 16d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 16d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 16d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 16d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 15d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 15d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 15d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 15d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 15d ago
INFO
ABB B&R PCs
rss:cisa-advisories 15d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 14d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 14d ago
INFO
CISA Security Leak
rss:schneier 14d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 14d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 13d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 13d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 13d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 11d ago
INFO
ABB Terra AC
rss:cisa-advisories 10d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 10d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 10d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 10d ago
INFO
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 10d ago
INFO
ABB AC500 V2
rss:cisa-advisories 10d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 10d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 10d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 9d ago
INFO
ABB EIBPORT
rss:cisa-advisories 8d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 8d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 8d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 8d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 8d ago
INFO
XCharge C6
rss:cisa-advisories 8d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 8d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 8d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 8d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 8d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 7d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 4d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 3d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 2d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 1d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 1d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 1d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 1d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 1d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 1d ago
INFO
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
SecurityWeek breachesransomwaresupply-chain 1d ago
INFO
Gemini Voice Assistant Hijacked via Messaging Notifications
SecurityWeek breachesransomwaresupply-chain +18 1d ago
INFO
VoidStealer Malware Darts Past Google Chrome's Encryption
rss:darkreading 30d ago
INFO
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
The Hacker News 23d ago
INFO
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
rss:googleprojectzero 23d ago
INFO
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
SecurityWeek 15d ago
INFO
Google accidentally exposed details of unfixed Chromium flaw
BleepingComputer 15d ago
INFO
Google API Keys Remain Active After Deletion
rss:darkreading 15d ago
INFO
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
The Hacker News 9d ago
INFO
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
SecurityWeek 8d ago
INFO
US charges Google security engineer with Polymarket insider trading
BleepingComputer 7d ago
INFO
Google Chrome adds session cookie theft protection for all users
BleepingComputer 7d ago
INFO
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
The Hacker News 4d ago
INFO
Google fixes one actively exploited Android zero-day, 124 flaws
BleepingComputer 3d ago
INFO
Google adds Android protection against AI deepfake scam calls
BleepingComputer 2d ago
INFO
Malicious Notifications Could Trick Google Gemini Users
rss:darkreading 2d ago
INFO
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
The Hacker News 2d ago
INFO
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
The Hacker News 2d ago
INFO
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
The Hacker News 1d ago
INFO
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
The Hacker News 1d ago
INFO
Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown
SecurityWeek breachesransomwaresupply-chain 1d ago
INFO
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
The Hacker News supply-chainbreachesmalware 1d ago
HIGH
CVE-2026-50213 (CVSS 7.5) — The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, wh...
NVD CVE-2026-50213 1d ago
CRITICAL
CVE-2026-50211 (CVSS 9.8) — Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail buil...
NVD CVE-2026-50211 1d ago
HIGH
CVE-2026-50210 (CVSS 7.5) — The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making ...
NVD CVE-2026-50210 1d ago
HIGH
CVE-2026-50209 (CVSS 7.8) — Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (...
NVD CVE-2026-50209 1d ago
CRITICAL
CVE-2026-50208 (CVSS 9.4) — High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-cod...
NVD CVE-2026-50208 1d ago
HIGH
CVE-2026-50207 (CVSS 7.8) — The system Binder boundary accepts unverified pass-through AT commands, giving local applications th...
NVD CVE-2026-50207 1d ago
INFO
Cisco warns of critical Unified CM flaw with PoC exploit code
BleepingComputer breachesransomwaresupply-chain +4 1d ago
INFO
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
rss:darkreading 22d ago
INFO
Cisco Patches Critical Vulnerability in Secure Workload
SecurityWeek 15d ago
INFO
Max severity Cisco Secure Workload flaw gives Site Admin privileges
BleepingComputer 15d ago
INFO
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
SecurityWeek 1d ago
HIGH
Microsoft shares mitigation for YellowKey Windows zero-day
BleepingComputer breachesransomwaresupply-chain +47 16d ago
INFO
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News 23d ago
INFO
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News 23d ago
HIGH
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News 22d ago
INFO
Zero-Day Exploit Against Windows BitLocker
rss:schneier 18d ago
INFO
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News 17d ago
INFO
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News 17d ago
INFO
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek 17d ago
HIGH
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek 17d ago
INFO
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading 17d ago
HIGH
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer 17d ago
INFO
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News 16d ago
INFO
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News 16d ago
INFO
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek 16d ago
INFO
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News 16d ago
INFO
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer 15d ago
INFO
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek 15d ago
INFO
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading 14d ago
INFO
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record 14d ago
INFO
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer 11d ago
INFO
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer 10d ago
INFO
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek 10d ago
INFO
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer 10d ago
INFO
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading 10d ago
INFO
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News 9d ago
INFO
Windows 11 KB5089573 update released with performance improvements
BleepingComputer 9d ago
INFO
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer 4d ago
INFO
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer 4d ago
INFO
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer 4d ago
INFO
Microsoft says it will not pursue security researchers after zero-day backlash
The Record 4d ago
INFO
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer 4d ago
INFO
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading 4d ago
INFO
Microsoft Threatening Security Researcher
rss:schneier 3d ago
INFO
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek 3d ago
INFO
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer 3d ago
INFO
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading 3d ago
INFO
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer 3d ago
INFO
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News 2d ago
INFO
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek 2d ago
INFO
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News 2d ago
INFO
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News 2d ago
INFO
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading 2d ago
INFO
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek 1d ago
INFO
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record 1d ago
INFO
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer 1d ago
INFO
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News 20h ago
INFO
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News 14h ago
INFO
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer 8h ago
CRITICAL
CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability (Mirasvit Mirasvit Full Page Cache Warmer)
CISA KEV CVE-2026-45247actively-exploited +2 3d ago
CRITICAL
CVE-2026-45247 (CVSS 9.8) — Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection...
NVD 10d ago
INFO
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The Hacker News 1d ago
HIGH
CVE-2026-50205 (CVSS 8.2) — System log files output unencrypted SMTP server authentication passwords alongside sensitive employe...
NVD CVE-2026-50205 1d ago
HIGH
CVE-2026-49203 (CVSS 8.3) — Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, ...
NVD CVE-2026-49203 1d ago
HIGH
CVE-2026-49202 (CVSS 8.6) — Internal multimedia session archives are accessible without authentication, exacerbated by loose Cro...
NVD CVE-2026-49202 1d ago
HIGH
CVE-2026-49194 (CVSS 8.8) — The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prom...
NVD CVE-2026-49194 1d ago
HIGH
CVE-2026-49193 (CVSS 7.5) — Overly permissive configuration settings on cloud storage containers expose active telemetry informa...
NVD CVE-2026-49193 1d ago
CRITICAL
CVE-2026-49191 (CVSS 9.8) — The production build of the M3WebServer hard-codes its backend API keys, which can be easily interce...
NVD CVE-2026-49191 1d ago
HIGH
CVE-2026-49190 (CVSS 8.8) — The system fails to evaluate instructional permissions over multiple internal operation codes (opcod...
NVD CVE-2026-49190 1d ago
HIGH
CVE-2026-49189 (CVSS 7.8) — Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software c...
NVD CVE-2026-49189 1d ago
CRITICAL
CVE-2026-49188 (CVSS 9.8) — The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), ...
NVD CVE-2026-49188 1d ago
HIGH
CVE-2026-49187 (CVSS 7.5) — The hard-coded APK resource files never expire, and the shared scepter leads to information leaks an...
NVD CVE-2026-49187 1d ago
INFO
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
The Hacker News supply-chainbreachesmalware 1d ago
CRITICAL
CVE-2026-49186 (CVSS 9.8) — The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any clie...
NVD CVE-2026-49186 1d ago
CRITICAL
CVE-2026-49185 (CVSS 9.8) — The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing...
NVD CVE-2026-49185 1d ago
MEDIUM
CVE-2026-48681 (CVSS 5.9) — OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployme...
NVD CVE-2026-48681 1d ago
INFO
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
rss:darkreading breachesmalwarethreat-actors 1d ago
HIGH
CVE-2026-10737 (CVSS 7.5) — The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a...
NVD CVE-2026-10737 2d ago
HIGH
CVE-2026-10777 (CVSS 7.3) — A vulnerability was identified in ealpha072 Student-Management-System up to 01451bd7a2f58cdda07bd0b8...
NVD CVE-2026-10777 2d ago
MEDIUM
CVE-2026-46447 (CVSS 5.8) — OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can se...
NVD CVE-2026-46447 2d ago
HIGH
CVE-2026-10771 (CVSS 7.3) — A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForEntit...
NVD CVE-2026-10771 2d ago
INFO
Attackers Use AI to Automate EDR Evasion Testing
rss:darkreading breachesmalwarethreat-actors 2d ago
INFO
Tropical Blend: Cyber & Politics Ramp Up Across Latin America
rss:darkreading breachesmalwarethreat-actors 2d ago
HIGH
CVE-2026-8889 (CVSS 7.5) — Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matchin...
NVD CVE-2026-8889 2d ago
HIGH
CVE-2026-8888 (CVSS 7.5) — Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-pr...
NVD CVE-2026-8888 2d ago
INFO
Cyber Insurance Rates Are Dropping, but Exclusions Widen
rss:darkreading breachesmalwarethreat-actors 2d ago
HIGH
CVE-2026-20230 (CVSS 8.6) — A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communication...
NVD CVE-2026-20230 +1 2d ago
INFO
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
The Hacker News 1d ago
INFO
Coralogix Raises $200M at $1.6B Valuation to Scale AI Observability Platform
SecurityWeek breachesransomwaresupply-chain 2d ago
CRITICAL
CVE-2026-5241 (CVSS 9.6) — A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows...
NVD CVE-2026-5241 2d ago
HIGH
CVE-2022-49042 (CVSS 7.8) — An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in ...
NVD CVE-2022-49042 2d ago
HIGH
CVE-2022-49036 (CVSS 7.8) — An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration i...
NVD CVE-2022-49036 2d ago
INFO
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
The Hacker News CVE-2026-23479supply-chainbreaches 2d ago
HIGH
CVE-2026-35085 (CVSS 8.8) — A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to ga...
NVD CVE-2026-35085 2d ago
HIGH The Hacker News Tue, 19 May 2026 05:28:06 UTC
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html
TL;DR AI
Here is a concise summary of the article in 3 sentences: A vulnerability in GitHub Actions workflow, actions-cool/issues-helper, has allowed threat actors to redirect popular GitHub Actions to an imposter commit that steals sensitive credentials and exfiltrates them to an attacker-controlled server. The imposter commit, which contains malicious code that downloads and exfiltrates credentials, has been compromised in two separate GitHub Actions, and 15 additional tags have been targeted, including "actions-cool/maintain-one-comment". The compromised actions have been disabled due to a violation of GitHub's terms of service, and the attackers are likely linked to the Mini Shai-Hulud campaign targeting npm packages from the @antv ecosystem.
supply-chainbreachesmalware
Read full story ↗
Related coverage (81)
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 24d ago
Fuji Electric Tellus
rss:cisa-advisories 24d ago
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 24d ago
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 24d ago
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 24d ago
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 24d ago
Siemens Siemens ROS#
rss:cisa-advisories 22d ago
Siemens gWAP
rss:cisa-advisories 22d ago
Siemens SIMATIC
rss:cisa-advisories 22d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
Siemens Simcenter Femap
rss:cisa-advisories 22d ago
Universal Robots Polyscope 5
rss:cisa-advisories 22d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
Siemens Teamcenter
rss:cisa-advisories 22d ago
Siemens Solid Edge
rss:cisa-advisories 22d ago
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 22d ago
Siemens Opcenter RDnL
rss:cisa-advisories 22d ago
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
Siemens Industrial Devices
rss:cisa-advisories 22d ago
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 22d ago
Siemens SIPROTEC 5
rss:cisa-advisories 22d ago
Siemens SIMATIC
rss:cisa-advisories 22d ago
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 19d ago
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 17d ago
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 17d ago
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 17d ago
ScadaBR
rss:cisa-advisories 17d ago
ZKTeco CCTV Cameras
rss:cisa-advisories 17d ago
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 17d ago
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 16d ago
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 16d ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 16d ago
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 16d ago
Senator presses CISA for answers about alleged GitHub repository leak
The Record 16d ago
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 16d ago
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 16d ago
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 16d ago
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 15d ago
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 15d ago
ABB Terra AC Wallbox
rss:cisa-advisories 15d ago
ABB B&R Automation Studio
rss:cisa-advisories 15d ago
ABB B&R Automation Runtime
rss:cisa-advisories 15d ago
ABB B&R PCs
rss:cisa-advisories 15d ago
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 14d ago
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 14d ago
CISA Security Leak
rss:schneier 14d ago
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 14d ago
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 13d ago
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 13d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 13d ago
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 11d ago
ABB Terra AC
rss:cisa-advisories 10d ago
ABB LVS MConfig
rss:cisa-advisories 10d ago
ABB Ability Camera Connect
rss:cisa-advisories 10d ago
Eppendorf BioFlo 320
rss:cisa-advisories 10d ago
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 10d ago
ABB AC500 V2
rss:cisa-advisories 10d ago
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 10d ago
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 10d ago
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 9d ago
ABB EIBPORT
rss:cisa-advisories 8d ago
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 8d ago
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 8d ago
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 8d ago
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 8d ago
XCharge C6
rss:cisa-advisories 8d ago
KMW CCTV Security Cameras
rss:cisa-advisories 8d ago
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 8d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 8d ago
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 8d ago
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 7d ago
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 4d ago
Red Hat removes tainted packages after software pipeline compromise
The Record 3d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 2d ago
NAVTOR NavBox
rss:cisa-advisories 1d ago
Hitachi Energy MACH HiDraw
rss:cisa-advisories 1d ago
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 1d ago
B&R PPT30 Operating System
rss:cisa-advisories 1d ago
Hitachi Energy RTU500
rss:cisa-advisories 1d ago
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 1d ago