The Hacker News49m
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.
The Hacker News2h
Have We Reached a Distroless Tipping Point?
Chainguard OS cuts container vulnerabilities by 94% by continuously updating upstream packages, enhancing security and ...
The Hacker News4h
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Late last month, SEQRITE Labs revealed that academic, governmental, aerospace, and defense-related networks in Russia are ...
The Hacker News3h
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake ...
The Hacker News7h
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
The Hacker News9h
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and ...
The Hacker News9h
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal ...