A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations...

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems , the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for...

Red Agent and Claude Opus: Securing Production Targets at Scale

Delivering enterprise-grade continuous AI-powered risk assessment to hundreds of customers through the combined power of Wiz and Anthropic...

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver BYOVD technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro. Qilin attacks analyzed by Talos have...

OVHcloud Founder Denies Massive 590TB Data Breach Claims

OVHcloud denies breach after hacker claims 600TB data theft affecting millions of sites, with experts doubting authenticity due to weak proof...

sm-crypto Affected by Private Key Recovery in SM2-PKE

Summary A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto. By interacting with the SM2 decryption interface multiple times, an attacker can fully recover the private key within approximately several hundred interactions. Credit This vulnerability was discovered...

PT-2026-3893

Name of the Vulnerable Software and Affected Versions sm-crypto versions prior to 0.3.14 Description sm-crypto, a JavaScript library providing implementations of Chinese cryptographic algorithms SM2, SM3, and SM4, contains a flaw in the SM2 decryption logic. An attacker can recover the private ke...

The Justice Department Released More Epstein Files—but Not the Ones Survivors Want

The DOJ says it still has “hundreds of thousands” of pages to review, as the latest Epstein files release spurred more pushback from Democratic lawmakers and other critics of the administration...

Photo booth flaw exposes people’s private pictures online

Photo booths are great. You press a button and get instant results. The same can’t be said, allegedly, for the security practices of at least one company operating them. A security researcher spent weeks trying to warn a photo booth operator about a vulnerability in its system. The flaw reportedl...

New Android malware lets criminals control your phone and drain your bank account

Albiriox is a new family of Android banking malware that gives attackers live remote control over infected phones, letting them quietly drain bank and crypto accounts during real sessions. Researchers have analyzed a new Android malware family called Albiriox which is showing signs of developing...

AIPAC Discloses Data Breach, Says Hundreds Affected

AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps...

Senate Probe Uncovers Allegations of Widespread Abuse in ICE Custody

Led by US senator Jon Ossoff, the investigation cites hundreds of reports since January, including accounts of miscarriages, child neglect, and sexual abuse at ICE detention centers in dozens of states...

PT-2023-32152 · Mattermost · Mattermost Mobile

Name of the Vulnerable Software and Affected Versions: Mattermost Mobile affected versions not specified Description: The issue allows an attacker to send a post with hundreds of emojis to a channel, which can freeze the mobile app of users when viewing that particular channel. This occurs becaus...

Malicious code in beautfiulsoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8b85b50bcd0b4a330d349dd99f0b5eaa5f9409daaa38deac675c838f483ef0d4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in gitpyython (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 034a4eb98d000c35dace5c2451b6a3f746d63207ee70e9a7104a93875e29998b Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in psuutil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 71840b4eaafce178353cc51cd2db42fd77b71973710b0701befec4bebc249ef4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in simpejson (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e65283d58f55003864ced6f01e17b127407e80175f3f30c3df5f0ebe8fd849a1 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in cikit-learn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3daa27d0d887457e5d14d0ace568503e4d06df51e1812a869789d19342b49137 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in selennium (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b37dc0abadd5b8fa7690a61c9c627118f236dbee818f2247603b13f315477135 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

CVE-2022-48256

Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records...