On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in ...

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.

The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an ...

Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN ...

Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits ...

The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the ...

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...

PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) ...

Identity checks alone can't stop attackers using stolen session tokens and compromised devices. Specops Software outlines why ...

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing ...

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants ...