Cybersecurity

A stealthy Python backdoor called DEEP#DOOR uses a tunneling service for command-and-control to steal sensitive data, including cloud credentials and SSH keys.The malware embeds...

A critical Linux flaw allows an unprivileged local user to write to a file's cache and escalate to root privileges.The vulnerability, tracked as CVE-2026-31431,...

A supply chain attack compromised four key SAP-related npm packages with credential-stealing malware on April 29, 2026.The malware, self-titled mini Shai-Hulud, steals developer and...

cPanel has issued urgent security updates to fix a critical authentication vulnerability.All currently supported versions of the web hosting control panel software are affected.Hosting...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two actively exploited software flaws to its high-threat catalog on April 29, 2026.The new entries...

A critical vulnerability (CVE-2026-3854) in GitHub allowed remote code execution via a single "git push" command.The flaw was a command injection issue where unsanitized...

A critical security flaw (CVE-2026-25874) has been disclosed in Hugging Face's open-source robotics platform, LeRobot, allowing unauthenticated remote code execution.The flaw stems from unsafe...

A privilege escalation flaw in Microsoft Entra ID's Agent ID Administrator role was patched by Microsoft on April 9, 2026.The vulnerability allowed users with...