RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Ravie LakshmananMay 12, 2026Supply Chain Attack / Software Security RubyGems, the standard package manager for the Ruby programming language, has...
Ravie LakshmananMay 12, 2026Supply Chain Attack / Software Security RubyGems, the standard package manager for the Ruby programming language, has...
Ravie LakshmananMay 07, 2026Vulnerability / Software Security A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library...
Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security...
Ravie LakshmananMay 05, 2026Endpoint Security / Software Security A newly identified supply chain attack targeting DAEMON Tools software has compromised...
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace...
A Microsoft Defender update turned trusted certificates into security scares. The false positive, tied to detections for Trojan:Win32/Cerdigent.A!dha, caused Defender...
Ravie LakshmananMay 04, 2026Vulnerability / Enterprise Software Progress Software has released updates to address two security flaws in MOVEit Automation,...
Microsoft flagged 8.3 billion phishing emails in just three months. But the bigger warning is how those attacks are changing....
Ravie LakshmananMay 01, 2026Supply Chain Attack / Malware A new software supply chain attack campaign has been observed using sleeper...
ProviderBest forStarting price SentinelOne SingularityBest overallContact sales Microsoft Defender for EndpointBest for Windows environments$54.75 per user, per month CrowdStrike Falcon...
Ravie LakshmananApr 30, 2026Supply Chain Attack / Malware In yet another software supply chain attack, threat actors have managed to...
Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for unpatched...
Image: dwifitrianor/Adobe A hardcoded API key embedded in ClickUp’s public website has quietly exposed hundreds of corporate and government email...
Ravie LakshmananApr 28, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and...
Image: ShinyHunters’ dark web notice of ADT hack ADT says its home security systems were not compromised in a recent...