news

A sophisticated worm campaign is leveraging compromised GitHub Actions workflows to inject malicious code into popular software packages, impacting organizations and developers across the open-source ecosystem. The attac

As agentic AI systems become more integrated into production environments, organizations face a growing challenge in understanding and securing these powerful tools, potentially creating a significant blind spot for secu

A modified version of a critical Jenkins plugin developed by Checkmarx has been discovered on the Jenkins Marketplace, raising concerns about ongoing supply chain security risks. This incident marks a repeat targeting of

A critical authentication bypass vulnerability in cPanel and WebHost Manager (WHM) is being actively exploited by threat actors to deploy a sophisticated backdoor and conduct further malicious activities. The exploit, tr

A novel zero-day vulnerability, enabling a bypass of two-factor authentication, has been discovered, with strong indications that artificial intelligence played a role in its development and exploitation. This marks a si

Security teams face a relentless barrage of exploits targeting both new zero-days and long-standing software flaws, underscoring the persistent challenges in patching and defense. Published: 2026-05-11 | Author: Patrick