Malicious Package

Overview undeclared-variables-check is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavi...

Malicious Package

Overview babel-compile-templates is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior...

Malicious Package

Overview transform-es2015-shorthand-properties is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it...

Malicious Package

Overview transform-dev is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The packag...

Vulnerabilities fixed in GitLab

GitLab fixed vulnerabilities in versions 18.9.2, 18.8.6 and 18.7.6 The vulnerabilities included several issues, including incorrect authorization checks that allowed authenticated users to access sensitive data, such as metadata from private repositories, and enabling denial-of-service situations...

The Face of Penetration Testing is Changing: Announcing Metasploit Pro 5.0.0

The role and demand for red-teaming capabilities are growing, as more exploitable CVEs make their way into criminal hands. Being proactive is no longer a capability that can be reserved for annual tests, but a continuous assessment to determine exposure and even through the validation of an...

CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor

xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...

CVE-2025-12555

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

CVE-2025-12555

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

CVE-2025-12555 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

CVE-2025-12555

Removed by vendor...

PT-2026-24721

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

xygeni-action 安全漏洞

Oxyni-action is a GitHub code security scanning workflow plugin developed by Xygeni. Oxyni-action has a security vulnerability that stems from tag poisoning, which can lead to supply chain attacks, allowing attackers to execute arbitrary commands on the CI runner...

PT-2026-24808

xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...

GO-2026-4588 `melange update-cache` has unbounded HTTP download that can exhaust disk in CI in chainguard.dev/melange

melange update-cache has unbounded HTTP download that can exhaust disk in CI in chainguard.dev/melange...

CVE-2026-27139 vulnerabilities

Vulnerabilities for packages: knative-net-istio-fips, kapp, datadog-agent, influxd, restic-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, postgres-operator-fips, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent,...

What Is Exposure Management? A Modern Guide

Attackers don't just look for a single high-severity vulnerability; they look for a path of least resistance. They connect the dots between a misconfigured cloud service, an exposed credential, and an unpatched server to reach their goal. To build a strong defense, you need to see your environmen...

prima-incident-response-security-poc

DevOps Security Pipeline POC A security-integrated CI/CD pipe...

CVE-2026-28466

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject...

How HiveForce Labs Finds Threats Before They Hit

There’s often a huge gap between knowing about a threat and knowing if you’re protected from it. A threat feed might tell you about a new attack campaign, but that information lives in a report. It doesn't tell you what would happen if that same attack hit your network. This is the difference...