Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561...
Cybersecurity
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Ravie LakshmananMay 22, 2026Vulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security...
New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most
The 2026 Verizon Data Breach Investigations Report (DBIR) paints a clearer picture of today’s cybersecurity landscape: attackers are moving faster,...
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a...
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft says it disrupted a malware-signing service that abused Azure Artifact Signing to create fraudulent certificates used in ransomware and...
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
Ravie LakshmananMay 21, 2026Hacking News / Cybersecurity News This week starts small. A token leaks. A bad package slips in....
CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository
The federal agency that tells Americans how to secure their systems is now investigating how sensitive credentials tied to its...
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
The latest malware targeting Mac users isn’t built to crack security protections, but to exploit users’ trust in familiar brands....
On AI Security
On AI Security Good report: Executive Summary: Let’s say you wanted to make sure that your AI is secure. Can...
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that...
AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines
A ransomware gang is trying to turn a Tennessee healthcare group into a public pressure campaign. DragonForce claims it stole...
Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft
Grafana has confirmed that an unauthorized party gained access to its GitHub environment after obtaining a compromised token, allowing the...
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the...
CISA Admin Leaked AWS GovCloud Keys on Github
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that...
Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More
Software development is undergoing a seismic shift as vibe coding turns plain English into functional applications in seconds. The era...