CVE-2026-35469 vulnerabilities

Vulnerabilities for packages: kcp-fips-0.29, rancher-fleet-fips, linkerd2-fips, eks-distro-fips, rancher-agent, cloudnative-pg, terraform-provider-kubernetes, percona-xtradb-cluster-operator-fips, kubescape-server-fips, kubescape-server, linkerd2, juicefs-csi-driver, kiali-fips, vcluster,...

CVE-2026-1229 vulnerabilities

Vulnerabilities for packages: wal-g, tfsec, crossplane-provider-aws-cloudfront, cilium-cli, extism, crossplane-provider-aws-iam, flux-source-controller, lazygit, opentofu, gitness, dagger, gitaly, terraform-provider-pagerduty, skaffold, buildkitd, terraform-provider-azurerm, snyk-cli, helm-push,...

GHSA-Q9HV-HPM4-HJ6X vulnerabilities

Vulnerabilities for packages: wal-g, tfsec, crossplane-provider-aws-cloudfront, cilium-cli, extism, crossplane-provider-aws-iam, flux-source-controller, lazygit, opentofu, gitness, dagger, gitaly, terraform-provider-pagerduty, skaffold, buildkitd, terraform-provider-azurerm, snyk-cli, helm-push,...

Malicious code in @bosch-rollouts-extensions/soup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03bf5cb8a8241befda2ac9e7228f23b30a5160b0bd759c8887503d7a6b6cbb7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5661 Malicious code in @bosch-rollouts-extensions/soup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03bf5cb8a8241befda2ac9e7228f23b30a5160b0bd759c8887503d7a6b6cbb7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @bosch-iot-console/rollouts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76a7c59a1a8e53130cfd7701d08a305d5e478e43a2a5b39f57258f504069f050 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps 1.16.1 security release

Errata advisory for Red Hat OpenShift GitOps 1.16.1 security release. The Red Hat OpenShift GitOps 1.16.1 release provides security updates to the Argo CD CLI, Argo Rollouts CLI and MicroShift GitOps. Security Fixes: openshift-gitops-1/argocd-rhel9: Improper URL Sanitization in Argo CD Repository...

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: oras, memcached-exporter, terraform, trust-manager, kubeflow-katib, rancher-loglevel, gosu, bank-vaults, influx, aws-flb-kinesis, kapp, sftpgo-plugin-eventsearch, cass-operator, helm-push, newrelic-nri-statsd, k8ssandra-operator, trillian, atlantis, overmind, fscrypt...

GHSA-3F6R-QH9C-X6MM vulnerabilities

Vulnerabilities for packages: oras, memcached-exporter, terraform, trust-manager, kubeflow-katib, rancher-loglevel, gosu, bank-vaults, influx, aws-flb-kinesis, kapp, sftpgo-plugin-eventsearch, cass-operator, helm-push, newrelic-nri-statsd, k8ssandra-operator, trillian, atlantis, overmind, fscrypt...

GHSA-29QP-CRVH-W22M vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-s3, crossplane-provider-azure-storage, crossplane-provider-aws-ec2, crossplane-provider-azure-sql, crossplane-provider-azure-managedidentity, crossplane-provider-aws-cloudfront, crossplane-provider-aws-memorydb, crossplane-provider-azure,...

What is Progressive Delivery ?

Delving Into the Essential Elements of Incremental Deployment Incremental deployment is an approach in the realm of software engineering, characterized by a phased release cycle. It allows the introduction of new features or updates to a select user community initially, before rolling them out to...

ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical

Almost all of hardware vulnerabilities – 90 percent – that were submitted to retail bug bounty programs so far this year were categorized as critical, showing that Point of Sale systems and other retail hardware assets remain a serious security issue. That’s due to the fact that retail hardware...

SMTP STS Coming Soon to Gmail, Other Webmail Providers

Gmail users can expect the introduction of SMTP Strict Transport Security to the email service some time this year, bringing a measure of security similar to certificate pinning to one of the world’s biggest webmail services. Elie Bursztein, the head of Google’s anti-abuse research team, said at...

HTTPS Available as Opt-In for Blogspot

Google said on Wednesday it has made HTTPS available as an opt-in for its Blogspot publishing service. Google and other technology providers have been ramping up encryption rollouts in the two years since the publication of the Snowden documents began. To date, Google has encrypted Gmail, search,...