Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Ravie LakshmananMar 23, 2026Cloud Security / DevOps Cybersecurity researchers have uncovered malicious…
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor…
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered…
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed…
Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow
Jan 14, 2026Ravie LakshmananApplication Security / Vulnerability Node.js has released updates to…
Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft
Nov 24, 2025Ravie LakshmananCloud Security / Vulnerability Multiple security vendors are sounding…
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Nov 20, 2025Ravie LakshmananVulnerability / Cloud Computing Oligo Security has warned of…
Why Organizations Are Abandoning Static Secrets for Managed Identities
Oct 23, 2025The Hacker NewsDevOps / Data Protection As machine identities explode…
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack
Oct 24, 2025Ravie LakshmananDevOps / Malware Cybersecurity researchers have discovered a self-propagating…