Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think

The new AI model is being heralded—and feared—as a hacker’s superweapon. Experts say its arrival is a wake-up call for developers who have long made security an afterthought...

UBUNTU-CVE-2026-1752

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

CVE-2026-1752

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

CVE-2026-1752 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

CVE-2026-1752

GitLab EE: An authenticated user with developer-role permissions could modify protected environment settings due to improper authorization checks in the API. Affected versions: 11.3–18.8.8 (before 18.8.9), 18.9 (before 18.9.5), and 18.10 (before 18.10.3). CVSS v3.1 base score 4.3 (Medium). Remedi...

DEBIAN-CVE-2026-5901

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. Chromium security severity: Low...

GitLab 11.3 < 18.8.9 / 18.9 < 18.9.5 / 18.10 < 18.10.3 (CVE-2026-1752)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-ro...

PT-2026-31541

Name of the Vulnerable Software and Affected Versions GitLab EE versions 11.3 through 18.8.9, 18.9 through 18.9.5, and 18.10 through 18.10.3 Description GitLab EE was found to have improper authorization checks in the API. This allowed an authenticated user with developer-role permissions to modi...

CVE-2026-39312

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...

CVE-2026-39312 Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...

CVE-2026-39312

CVE-2026-39312 affects SoftEtherVPN Developer Edition 5.2.5188 and earlier. It is a pre-authentication denial-of-service where an unauthenticated remote attacker can crash the vpnserver by sending a malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions. The root c...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.9.3 release.

Red Hat Developer Hub 1.9.3 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.7.0 Vulnerability Details CVEID:CVE-2025-14009 DESCRIPTION: A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in...

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat actor proved just how...

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability, which stems from the injection of SQL code through the filterusermail parameter. This vulnerability may lead to SQL injection attacks...

Android Developer Verification Rollout Begins Ahead of September Enforcement

Google on Monday said it's officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while "hiding behind anonymity." The development comes ahead of a planned verification mandate that goes into effect in Brazil, Indonesi...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.5 release.

Red Hat Developer Hub 1.8.5 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated.GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year an...

Uncovering Relationships between Android Developers, User Privacy, and Developer Willingness to Reduce Fingerprinting Risks

The major mobile platforms, Android and iOS, have introduced changes that restrict user tracking to improve user privacy, yet apps continue to covertly track users via device fingerprinting. We study the opportunity to improve this dynamic with a case study on mobile fingerprinting that evaluates...

CVE-2026-5023

A vulnerability has been found in DeDeveloper23 codebase-mcp up to 3ec749d237dd8eabbeef48657cf917275792fde6. This vulnerability affects the function getCodebase/getRemoteCodebase/saveCodebase of the file src/tools/codebase.ts of the component RepoMix Command Handler. Such manipulation leads to os...