All Recent Posts

Internet Security

A malicious VS code extension just breached GitHub ‘s internal repositories

May 20, 2026 add comment
One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K. There is something almost ironic about GitHub, the platform that... Read more »
Internet Security

DirtyDecrypt: PoC Released for yet another Linux flaw

May 20, 2026 add comment
DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here... Read more »
Internet Security

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

May 20, 2026 add comment
A Huawei zero-day flaw reportedly caused Luxembourg’s 2025 nationwide outage, disrupting landline, 4G/5G, and emergency services On July 23, 2025, a nationwide telecom outage in Luxembourg was reportedly triggered... Read more »
The Hacker News

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

May 20, 2026 add comment
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud... Read more »

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

May 20, 2026 add comment
Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified packages... Read more »
Internet Security

Drupal is rolling out an emergency security update on May 20. You cannot miss it

May 19, 2026 add comment
Drupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project... Read more »

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

May 19, 2026 add comment
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers... Read more »
Internet Security

Microsoft dismantled malware-signing network Fox Tempest

May 19, 2026 add comment
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation run by a threat actor... Read more »
Security of TechRepublic

Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft

May 19, 2026 add comment
Grafana refused an extortion demand after attackers used a stolen GitHub token to download code, with no customer data exposed so far. The post Grafana Rejects Ransom Demand After... Read more »
Security of TechRepublic

AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines

May 19, 2026 add comment
DragonForce claims it stole 390GB from AdvancedHEALTH, including patient data and minors’ records, as breach notices and legal scrutiny begin. The post AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data... Read more »
Subscribe to our Newsletter