RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors…
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered…
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Ravie LakshmananFeb 17, 2026Infostealer / Artificial Intelligence Cybersecurity researchers have disclosed details…
North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews
As many as 3,136 individual IP addresses linked to likely targets of…
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted…
Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over…
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension…
Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious…