Cyber Hawk

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

May 01, 2026

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and …

Cyber Security

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

April 30, 2026

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accoun…

Cyber Security

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

April 30, 2026

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked a…

Cyber Security

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

April 30, 2026

Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow …

Cyber Security

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

April 29, 2026

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affect…

Cyber Security

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

April 29, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (…

Cyber Security

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

April 28, 2026

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploita…

Bitcoin Mining

Hot News

Labels

Report Abuse

Recent posts

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

Popular Feeds

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Featured News

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Random Posts

Popular Posts

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Bitcoin Mining

Hot News

Labels

Recent posts

Share

Popular Feeds

Featured News

Random Posts

Popular Posts