Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised…
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
Ravie LakshmananMar 16, 2026Malware / Cryptocurrency The GlassWorm malware campaign is being…
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
Ravie LakshmananMar 14, 2026Artificial Intelligence / Endpoint Security China's National Computer Network…
Researchers Trick Perplexity’s Comet AI Browser Into Phishing Scam in Under Four Minutes
Ravie LakshmananMar 11, 2026Artificial Intelligence / Browser Security Agentic web browsers that…
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Ravie LakshmananMar 10, 2026Database Security / Vulnerability Cybersecurity researchers have disclosed nine…
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of…
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Ravie LakshmananFeb 25, 2026Cybersecurity / Malware Cybersecurity researchers have discovered four malicious…
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors…
APT28 Targeted European Entities Using Webhook-Based Macro Malware
Ravie LakshmananFeb 23, 2026Malware / Threat Intelligence The Russia-linked state-sponsored threat actor…