VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
OpenClaw exposes how autonomous AI agents are reshaping enterprise security risks..
Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Attackers have compromised Red Hat’s official @redhat-cloud-services namespace on npm, inserting credential-stealing malware into dozens of package releases used in cloud console development and ...
Bluetooth can disappear from Device Manager on Windows even when the problem started as a missing toggle in Settings. In some ...
AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results