GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension Supply Chain Attack / Developer ToolsGitHub on Wednesday officially confirmed that the breach of i... 2026-5-21 04:27:1 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com github security nx developer teampcp

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks Web Security / VulnerabilityDrupal has released security updates for a "highly critical" security... 2026-5-21 03:44:11 | 阅读: 34 | 收藏 | The Hacker News - thehackernews.com drupal security unsupported exploited remote

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development Artificial Intelligence / Security TestingMicrosoft has unveiled two new open-source tools called... 2026-5-20 17:6:54 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com security microsoft rampart developers clarity

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weap... 2026-5-20 14:36:44 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com microsoft tempest fox ransomware malicious

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as We... 2026-5-20 12:51:43 | 阅读: 33 | 收藏 | The Hacker News - thehackernews.com webworm backdoors echocreep c2 proxy

Agent AI is Coming. Are You Ready? Identity Security / Enterprise SecurityNew Industry Data Just Released Suggests Not.On May 19th... 2026-5-20 11:58:0 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com agents security gap unseen unmanaged

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem AI-generated lookalike domains are now embedded inside the third-party scripts running on your web... 2026-5-20 10:30:0 | 阅读: 38 | 收藏 | The Hacker News - thehackernews.com malicious chrome silently behavioral approved

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit Vulnerability / EncryptionMicrosoft on Tuesday released a mitigation for a BitLocker bypass vulner... 2026-5-20 08:28:26 | 阅读: 50 | 收藏 | The Hacker News - thehackernews.com windows bitlocker tpm winre yellowkey

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack Supply Chain Attack / Cloud SecurityGrafana Labs, on May 19, 2026, said an investigation into its... 2026-5-20 05:12:6 | 阅读: 42 | 收藏 | The Hacker News - thehackernews.com github 2026 cloud extortion teampcp

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after th... 2026-5-20 04:1:15 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com github payload teampcp propagates attacker

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps Malvertising / Mobile SecurityCybersecurity researchers have disclosed details of a new ad fraud a... 2026-5-19 16:38:12 | 阅读: 32 | 收藏 | The Hacker News - thehackernews.com trapdoor malicious owned stage

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in t... 2026-5-19 14:56:26 | 阅读: 34 | 收藏 | The Hacker News - thehackernews.com 2026 security upstream rxgk killswitch

The New Phishing Click: How OAuth Consent Bypasses MFA In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five... 2026-5-19 11:30:0 | 阅读: 38 | 收藏 | The Hacker News - thehackernews.com phishing grants security bridges scoped

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare Vulnerability / Website SecurityDrupal has issued an alert stating that it intends to release a "c... 2026-5-19 10:44:45 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com drupal security addressed advised exclusive

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access Vulnerability / Email SecurityCritical security vulnerabilities have been disclosed in SEPPMail Se... 2026-5-19 09:23:15 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com 2026 remote seppmail attackers appliance

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer Supply Chain Attack / Developer SecurityCybersecurity researchers have flagged a compromised versi... 2026-5-19 07:49:23 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com nx developer github malicious stealer

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials Software Security / MalwareIn yet another software supply chain attack, threat actors have comprom... 2026-5-19 05:28:6 | 阅读: 33 | 收藏 | The Hacker News - thehackernews.com github malicious software runner imposter

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has co... 2026-5-19 04:54:17 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com antv github shai hulud payload

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North... 2026-5-18 17:21:18 | 阅读: 25 | 收藏 | The Hacker News - thehackernews.com phishing sentencing interpol arrests conspiracy

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More Monday opens with a trust problem. A mail server flaw is under active use. A network control syste... 2026-5-18 13:50:17 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com 2026 software security microsoft windows