CVE-2026-31431 exploited in Linux since 2017, enabling root access via simple PoC, increasing container and cloud risks.
Trellix reports source code breach with partial repository access, no exploitation found, raising security concerns.
China-linked hackers exploit Exchange flaws since Dec 2024 across 8 countries, enabling espionage and credential theft ...
Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.
Facebook accounts hacked via AppSheet phishing emails, exploiting Meta lures, leading to large-scale account theft and resale ...
SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Two cybersecurity experts got 4-year sentences after enabling 2023 BlackCat attacks, exposing insider abuse and $1.2M ransom ...
GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.
Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results