Cybersecurity

A supply chain attack compromised four key SAP-related npm packages with credential-stealing malware on April 29, 2026.The malware, self-titled mini Shai-Hulud, steals developer and...

cPanel has issued urgent security updates to fix a critical authentication vulnerability.All currently supported versions of the web hosting control panel software are affected.Hosting...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two actively exploited software flaws to its high-threat catalog on April 29, 2026.The new entries...

A critical vulnerability (CVE-2026-3854) in GitHub allowed remote code execution via a single "git push" command.The flaw was a command injection issue where unsanitized...

A critical security flaw (CVE-2026-25874) has been disclosed in Hugging Face's open-source robotics platform, LeRobot, allowing unauthenticated remote code execution.The flaw stems from unsafe...

A privilege escalation flaw in Microsoft Entra ID's Agent ID Administrator role was patched by Microsoft on April 9, 2026.The vulnerability allowed users with...

Checkmarx confirms stolen data from its GitHub repository was published on the dark web.The company states no customer data was stored in the compromised...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog on April 24, 2026.The flaws...