Cybersecurity

A critical vulnerability (CVE-2026-3854) in GitHub allowed remote code execution via a single "git push" command.The flaw was a command injection issue where unsanitized...

A critical security flaw (CVE-2026-25874) has been disclosed in Hugging Face's open-source robotics platform, LeRobot, allowing unauthenticated remote code execution.The flaw stems from unsafe...

A privilege escalation flaw in Microsoft Entra ID's Agent ID Administrator role was patched by Microsoft on April 9, 2026.The vulnerability allowed users with...

Checkmarx confirms stolen data from its GitHub repository was published on the dark web.The company states no customer data was stored in the compromised...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog on April 24, 2026.The flaws...

A Chinese national associated with a state-owned defense firm impersonated U.S. engineers for years to steal sensitive defense software.Victims included employees at NASA, the...

Researchers discovered 26 malicious apps on the Apple App Store, dubbed FakeWallet, designed to steal cryptocurrency wallet recovery phrases and private keys.The scam, active...

Threat actors exploited the critical SSRF bug in LMDeploy toolkit just 12 hours after its public disclosure.The vulnerability, CVE-2026-33626, allows attackers to steal cloud...