Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

May 1, 2026 at 03:13PM A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subse…

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

April 30, 2026 at 05:00PM Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Cent…

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

April 30, 2026 at 02:54PM Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw tha…

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

April 30, 2026 at 12:37PM Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli&q…

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

April 29, 2026 at 02:16PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws …

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

April 29, 2026 at 11:04AM In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly discl…

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

April 28, 2026 at 11:49PM Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHu…

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

April 28, 2026 at 11:09PM A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a ca…

After Mythos: New Playbooks For a Zero-Window Era

April 28, 2026 at 04:00PM When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking a…

Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

April 28, 2026 at 01:27PM A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to…

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

April 28, 2026 at 11:20AM Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Win…

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

April 27, 2026 at 04:53PM Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on…