🔥npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly
🔥Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. "Although the...
🔥Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across...
🔥Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing...
🔥LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to
📰FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications. The post FBI warns about...
🕵️Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor...
📰Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Jacob Butler, a 23-year-old from Ottawa, awaits extradition to the United States and faces up to 10 years in prison. The post Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested
🕵️Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for...
📰Lawmakers from both parties say CISA cuts have gone too far
Reps. Don Bacon, R-Neb., and James Walkinshaw, D-Va., found rare bipartisan agreement that the agency tasked with defending civilian networks has been diminished at a moment when threats from China...
📰Trump postpones executive order focused on AI security
Under a draft executive order, the NSA, Treasury Department and other federal agencies would get 90-days to test new models for cybersecurity and national security concerns. The post Trump postpones...
📰CISA chief frets about open-source vulnerabilities, delayed security improvements
Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration. The post CISA chief frets about open-source vulnerabilities,...
🖥️"N'achetez rien sur Trumpmobile": le T1 Phone "patriotique" de Donald Trump serait à l'origine d'une fuite de données... alors même qu’il n'est pas encore livré
Alors que le T1 Phone de Trump Mobile n’a pas encore été expédié, une faille présumée du site de précommande aurait exposé les données personnelles …
🖥️Fuite de données de vacances : les cambrioleurs n'auront même plus besoin de repérer votre maison cet été
En trois jours à peine, un hacker vient de frapper trois géants du tourisme français : Pierre & Vacances, Belambra et Gîtes de France. À quelques …
🖥️Le phishing sur mobile représente désormais une menace plus importante que celui par e-mail : comment se protéger - ZDNET
Les pirates se tournent vers les SMS et les appels téléphoniques à mesure que les systèmes de protection des e-mails s'améliorent. Voici ce que les …
🔥npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly
🔥Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new "coordinated" supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. "Although the...
🔥Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across...
🔥Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing...
🔥LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to
📰FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications. The post FBI warns about...
🕵️Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor...
📰Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Jacob Butler, a 23-year-old from Ottawa, awaits extradition to the United States and faces up to 10 years in prison. The post Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested
🕵️Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for...
📰Lawmakers from both parties say CISA cuts have gone too far
Reps. Don Bacon, R-Neb., and James Walkinshaw, D-Va., found rare bipartisan agreement that the agency tasked with defending civilian networks has been diminished at a moment when threats from China...
📰Trump postpones executive order focused on AI security
Under a draft executive order, the NSA, Treasury Department and other federal agencies would get 90-days to test new models for cybersecurity and national security concerns. The post Trump postpones...
📰CISA chief frets about open-source vulnerabilities, delayed security improvements
Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration. The post CISA chief frets about open-source vulnerabilities,...
🖥️"N'achetez rien sur Trumpmobile": le T1 Phone "patriotique" de Donald Trump serait à l'origine d'une fuite de données... alors même qu’il n'est pas encore livré
Alors que le T1 Phone de Trump Mobile n’a pas encore été expédié, une faille présumée du site de précommande aurait exposé les données personnelles …
🖥️Fuite de données de vacances : les cambrioleurs n'auront même plus besoin de repérer votre maison cet été
En trois jours à peine, un hacker vient de frapper trois géants du tourisme français : Pierre & Vacances, Belambra et Gîtes de France. À quelques …
🖥️Le phishing sur mobile représente désormais une menace plus importante que celui par e-mail : comment se protéger - ZDNET
Les pirates se tournent vers les SMS et les appels téléphoniques à mesure que les systèmes de protection des e-mails s'améliorent. Voici ce que les …