Malicious Tags Used to Inject Credential Stealer Into Laravel-Lang Packages
Attackers rewrote git tags in Laravel-Lang PHP packages to inject a credential stealing payload that executes silently on application startup.
The Latest
Choosing the Right Malware Sandbox for Advanced Threat Analysis
A detailed guide to understanding how malware sandboxes provide behavioral analysis to detect evasive threats that bypass traditional signature based…
Drupal PostgreSQL SQL Injection Flaw Faces Active Exploitation
Drupal has confirmed active attacks against a critical SQL injection vulnerability in its database abstraction API affecting PostgreSQL-based sites.
Microsoft Patches Active Defender Flaws Under Attack
Microsoft releases emergency patches for two actively exploited Defender security flaws, including a privilege escalation bug that gives attackers full…
GitHub Investigation Points to VS Code Extension Attack in Source Code Theft
Attackers accessed thousands of GitHub internal repositories by compromising an employee device through a malicious Visual Studio Code extension.
Undetected Linux Kernel Flaw Opens Root Access on Major Distributions
Qualys researchers disclosed a nine-year-old Linux kernel vulnerability that enables local attackers to gain root access and steal sensitive credentials…
CypherLoc Scareware Locks Browsers to Drive Fake Support Scams
A scareware kit called CypherLoc has locked browsers in an estimated 2.8 million attacks since early 2026, using full screen…
Massive Scanning Campaign Targets SonicWall Firewall Interfaces Worldwide
Scanning volume against SonicWall SonicOS API jumped 46 times normal levels on May 12, matching a reconnaissance pattern seen before…
Malicious JDownloader Installers and Deepfake Sextortion Threats Dominate Security Week
A surge in attacks includes tainted JDownloader installers, deepfake sextortion targeting schools, and insider login sales by employees.
Ghost CMS Flaw Fueling Large Scale ClickFix Social Engineering Campaign
Researchers observed that vulnerable university and tech company sites were used to serve fake Cloudflare prompts that tricked visitors into…
Critical LiteSpeed Plugin Flaw Lets Attackers Execute Commands as Root
Attackers are actively exploiting a maximum severity privilege escalation flaw in the LiteSpeed cPanel plugin that grants arbitrary script execution as root.
Automated GitHub Supply Chain Attack Hits Thousands of Repositories in a Day
Security researchers uncovered a massive automated attack that injected malicious CI/CD backdoors into thousands of GitHub repositories by abusing GitHub…
Trend Micro Apex One Directory Traversal Flaw Actively Exploited in Targeted Attacks
Trend Micro has confirmed at least one in the wild exploit attempt against a directory traversal vulnerability in its Apex…
Google Accidentally Publishes Details of Unfixed Chromium Bug Allowing Silent JavaScript Execution
Google's accidental publication of an unfixed Chromium flaw allows JavaScript to run silently in browsers even after they are closed,…
Spotlight
Unlocking Hidden Attack Surface: Testing Windows Drivers Without Their Hardware
A new methodology shows how to test Windows kernel driver vulnerabilities for exploitability without requiring the specific hardware the driver was built for.
International Operation Shuts Down VPN Service Used by Two Dozen Ransomware Groups
A VPN service advertised on Russian cybercrime forums as a way to hide from police has been taken offline in a multinational operation across 18 countries.
Anthropic’s Claude Mythos AI Uncovers Thousands of Critical Flaws in Key Software
Anthropic's Claude Mythos Preview AI identified over 10,000 high-severity flaws in critical software, with 97 findings already patched upstream.
Critical Flaw in Nginx Web Server Allows Code Execution Via Heap Overflow
A new heap overflow vulnerability in NGINX allows unauthenticated remote attackers to crash worker processes or execute arbitrary code.
Features
The Rise of Crypto Drainer Services: How Thieves Empty Wallets Without Hacking Devices
Modern crypto drainer operations have evolved into structured affiliate programs that steal assets by tricking users into approving malicious blockchain…
Italian Police Dismantle Streaming Piracy App That Stole Legitimate Credentials
Italian police seized servers and fined subscribers in a major crackdown on a pirate streaming app that hijacked legitimate platform…
Flipper One Seeks Community Developers for Open Linux Hardware Platform
Flipper Devices is asking developers and engineers to help build its new portable ARM Linux computer, which is designed for…
GitHub Tightens npm Security with Staged Publishing and Install Source Controls
GitHub now requires human approval with 2FA for npm package publications and gives developers granular control over package install sources.
North Korean Attackers Abuse Hugging Face to Spread Malicious npm Packages
A North Korean linked threat actor uses Hugging Face's trusted platform to host malware and exfiltrate stolen data from developer…
Backdoored art-template npm Package Turns Websites into iOS Exploit Delivery Points
The compromised art-template npm package silently injected a Coruna exploit kit into web applications, targeting iOS users with a watering…