534 posts in this collection

Attackers have hijacked popular GitHub Actions repositories by redirecting version tags to malicious commits, aiming to compromise sensitive credentials within CI/CD pipelines. Published: 2026-05-19 | Author: Patrick Mat

A popular Visual Studio Code extension, Nx Console, has been found to contain a sophisticated credential-stealing payload, potentially impacting millions of developers and their sensitive data. The compromised version, p

Critical vulnerabilities in SEPPMail Secure E-Mail Gateway could allow attackers to execute arbitrary code and access confidential email communications, posing a significant risk to organizations relying on the platform

A newly weaponized proof-of-concept for a Windows zero-day vulnerability, dubbed MiniPlasma, allows attackers to achieve SYSTEM-level privileges, even on fully patched systems. This discovery highlights a persistent secu

Security vendors Ivanti, Fortinet, SAP, and VMware, along with automation platform n8n, have issued urgent security updates to address a range of critical vulnerabilities. These flaws, if exploited, could allow attackers

A critical zero-day vulnerability in on-premise Microsoft Exchange Server is being actively exploited, highlighting an accelerating threat environment where the window between patch release and exploit deployment is rapi
Follow our Instagram for daily security insights, course previews, and exclusive content.