Cybersecurity

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two actively exploited software flaws to its high-threat catalog on April 29, 2026.The new entries...

A critical vulnerability (CVE-2026-3854) in GitHub allowed remote code execution via a single "git push" command.The flaw was a command injection issue where unsanitized...

A critical security flaw (CVE-2026-25874) has been disclosed in Hugging Face's open-source robotics platform, LeRobot, allowing unauthenticated remote code execution.The flaw stems from unsafe...

A privilege escalation flaw in Microsoft Entra ID's Agent ID Administrator role was patched by Microsoft on April 9, 2026.The vulnerability allowed users with...

Checkmarx confirms stolen data from its GitHub repository was published on the dark web.The company states no customer data was stored in the compromised...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog on April 24, 2026.The flaws...

A Chinese national associated with a state-owned defense firm impersonated U.S. engineers for years to steal sensitive defense software.Victims included employees at NASA, the...

Researchers discovered 26 malicious apps on the Apple App Store, dubbed FakeWallet, designed to steal cryptocurrency wallet recovery phrases and private keys.The scam, active...