On March 30, BeyondTrust demonstrated that a specially crafted GitHub branch name could steal Codex’s OAuth token in plaintext. OpenAI classified this as Critical P1. Shortly after, Anthropic’s Claude Code source code was leaked to the public npm registry, and …
Written by Ravie Lakshmanan on Apr 30, 2026 Tags: Supply Chain Attack / Malware In a recent software supply chain attack, threat actors have compromised the popular Python package Lightning to distribute two malicious versions for credential theft. The malicious …
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials Read More »
Adversaries infiltrated legitimate AI tools at over 90 organizations in 2025, stealing credentials and cryptocurrency. These compromised tools could only read data, lacking the ability to rewrite firewall rules. However, the new autonomous SOC agents currently being released have the …
Critical Security Vulnerability in GitHub Allows Remote Code Execution î „Ravie Lakshmananî ‚Apr 28, 2026Vulnerability / Software Security Cybersecurity researchers have recently uncovered a critical security flaw affecting GitHub.com and GitHub Enterprise Server, enabling an authenticated user to execute remote code with …
According to a recent interview at RSA Conference 2026, Cisco President and Chief Product Officer Jeetu Patel highlighted the trust deficit as the main reason why only 5% of enterprises have successfully transitioned AI agents from pilot to production. Patel …
85% of enterprises are running AI agents. Only 5% trust them enough to ship. Read More »
Cybersecurity experts have recently uncovered a new Lua-based malware known as fast16, which predates the infamous Stuxnet worm by at least five years. The fast16 malware was designed to target high-precision calculation software to manipulate results, with the goal of …
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software Read More »
Operation Lunar Peek: A Lesson in Vulnerability Management Back in November 2024, during Operation Lunar Peek, attackers managed to gain unauthenticated remote admin access, eventually leading to root access, across more than 13,000 exposed Palo Alto Networks management interfaces. Palo …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced that a federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 by malware named FIRESTARTER. FIRESTARTER is identified by CISA and the …
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches Read More »
A security incident at Vercel has been confirmed, with unauthorized access to internal systems. The breach originated from an AI tool adopted by a Vercel employee, which led to a chain of events culminating in access to production environments through …
Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain Read More »
î „Ravie Lakshmananî ‚Apr 22, 2026Cloud Security / Software Security Cybersecurity experts have issued a warning about malicious images that were uploaded to the official “checkmarx/kics” Docker Hub repository. According to a recent alert published by Socket, a software supply chain security …
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain Read More »
