GitHub Confirms Breach, 4K Internal Repos Stolen
Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took credit.
Security Articles
Updated 10 min ago · 90 articles
Hardware End-of-Support-Life (EOSL) — The EOL Risk Nobody Tracks
Everyone talks about software EOL. Nobody talks about hardware EOSL. End-of-Support-Life (EOSL) hardware creates exactly the same security exposure as EOL so...
Digital bottleneck: How Iran wants to use internet access as leverage in the war
Tehran is floating the idea of charging the world’s largest tech companies – including Google, Meta, Microsoft and Amazon – for using the undersea internet c...
Google publishes exploit code threatening millions of Chromium users
Google publishes exploit code before patch, reported 29 months earlier, is fixed.
Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333)
Comments
Apple server schematics stolen in May 2026 Foxconn cyberattack, AppleInsider confirms
Leaked documents may be tip of the iceberg in Foxconn hack, as only Apple server schematics have been shared so far. More damaging documents may come later.A...
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories a...
Microsoft takes down 'Fox Tempest' cybercrime service which used legitimate platforms to hide dangerous malware
Fox Tempest created more than a thousand fake certificates, helping distribute Lumma, Vidar, and countless other malware.
Ad
Grafana breach caused by missed token rotation after TanStack attack
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack...
Encryption standards face a reckoning as quantum computing era edges closer
The security landscape is entering uncharted territory as quantum computing moves from theoretical threat to near-term enterprise reality — and the race to p...
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver mali...
GitHub confirms hackers stole thousands of internal code repositories after employee installed a poisoned VS Code extension
It is an unsettling irony when the world’s largest code-hosting platform becomes the victim of its own ecosystem. GitHub confirmed on Tuesday that a threat...
Loading...
All 90 articles loaded