DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub

The exploit is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...

You are out of time to update: Severe iOS hack code leaks to everyone

The DarkSword exploit, which primarily targets devices running older iOS versions, has unfortunately made its way to GitHub.
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Mactrast

GhostClaw Malware Takes Advantage of Developers’ GitHub Habits to Target Mac Users

A new bit of macOS malware called GhostClaw takes advantage of developer's GitHub habits to spread across GitHub and AI ...
Krebs on Security

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected ...
Cyber Defense Magazine

AI Is Writing Your Code. But Who Is Securing It?

AI coding assistants have unleashed new superpowers for developers, with the likes of GitHub Copilot, Cursor’s AI code editor ...

The Cloud Native Stack Finally Gets a Governance Layer: Meshery v1.0 Launches at KubeCon EU

General availability of Meshery v1.0 arrives as AI-generated infrastructure configurations accelerate faster than human ...

Kusari Brings Enterprise-Grade AI Code Review & Dependency Management to CNCF and OpenSSF Communities

Kusari Inspector is now free to CNCF and OpenSSF projects, delivering AI-powered dependency, license and security ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

Gomboc Expands Beyond IaC with ORL to Deliver Deterministic Remediation Cloud and Code

New Open Remediation Language powers automated, policy-aligned fixes across cloud and code via merge-ready pull ...