InfoWorld

Infected Red Hat npm packages expose developer credentials

Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through ...
Martin Cid Magazine

Malicious code hid inside Red Hat’s npm packages and spread to steal cloud keys

Security researchers found malicious code buried inside more than 30 of Red Hat's official software packages, built to ...
The Hacker News

âš¡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...
CSO Online

Google leaks details for Chromium bug that can turn browsers into bots

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...
TechCrunch

Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack

In an ongoing cyberattack, hackers have compromised several popular open source projects that software developers all over the world rely on. On Tuesday, cybersecurity firms StepSecurity and SafeDep ...
SecurityWeek

Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE

A security researcher has released an exploit targeting a Windows vulnerability disclosed in 2020, warning that it might have never been patched. The flaw, tracked as CVE-2020-17103 (CVSS score of 7.0 ...
Bleeping Computer

New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...
Engadget

Security researchers, aided by Anthropic's Mythos, claim to have breached macOS

Apple's operating systems are known for their security, especially compared to their rivals in mobile and computing. Now, security researchers from a Palo Alto-based company called Calif claim they ...
CoinDesk

Thorchain halts trading after $10 million cross-chain exploit, RUNE token drops 12%

Decentralized cross-chain liquidity protocol THORChain was exploited for roughly $10.8 million on Friday, with the attack affecting deployments across four different blockchains. In response, the ...
Crypto Briefing

THORChain loses nearly $11 million in suspected exploit as RUNE tumbles 13%

THORChain, the decentralized cross-chain liquidity protocol that enables swaps between major blockchain networks, appears to have been exploited for approximately $11 million across Bitcoin, Ethereum, ...
9to5Mac

Calif team details how Anthropic Mythos helped build a working macOS exploit in five days

The team behind the first public macOS kernel memory corruption exploit on M5 silicon has shared fresh details on how Mythos Preview helped bypass a five-year Apple security effort in five days. Last ...