A critical supply chain attack targeting Bitwarden CLI has raised serious concerns across DevSecOps environments and … Bitwarden CLI Supply Chain Attack Exposes CI/CD SecretsRead more
supply chain attack
Lazarus Uses AI Coding Tests to Target Developers
A highly targeted cyber campaign linked to the North Korean Lazarus ecosystem is exploiting something developers … Lazarus Uses AI Coding Tests to Target DevelopersRead more
KICS Docker Supply Chain Attack: DevOps Secrets at Risk
A new KICS Docker supply chain attack has sent shockwaves through the DevSecOps community—proving once again … KICS Docker Supply Chain Attack: DevOps Secrets at RiskRead more
Critical Atlassian Bamboo Flaw Enables Remote Command Injection
A severe vulnerability has been disclosed in Atlassian Bamboo Data Center and Server, exposing enterprise CI/CD … Critical Atlassian Bamboo Flaw Enables Remote Command InjectionRead more
GitHub AI Agents Hit by Prompt Injection via Comments
A new class of AI security vulnerability is redefining how attackers compromise development pipelines. Dubbed “Comment … GitHub AI Agents Hit by Prompt Injection via CommentsRead more
Vercel Data Breach: OAuth Attack Exposes Internal Systems
The Vercel data breach has raised serious concerns across the developer and cybersecurity communities. A platform … Vercel Data Breach: OAuth Attack Exposes Internal SystemsRead more
Obsidian Plugin Malware Attack: Hidden Supply Chain Threat
A new wave of Obsidian plugin malware attacks is redefining how attackers weaponize trusted productivity tools. … Obsidian Plugin Malware Attack: Hidden Supply Chain ThreatRead more
Fake Ledger Wallet Scam Steals Crypto Seeds & PINs
Hardware wallets are considered one of the safest ways to store cryptocurrency—but a new supply chain … Fake Ledger Wallet Scam Steals Crypto Seeds & PINsRead more
Hidden Backdoor in Trusted WordPress Plugins Powers 8-Month Supply Chain Attack
A highly sophisticated WordPress supply chain attack has exposed a critical weakness in how plugin ecosystems … Hidden Backdoor in Trusted WordPress Plugins Powers 8-Month Supply Chain AttackRead more
Fake Proxifier Installer on GitHub Spreads ClipBanker Crypto-Stealing Malware
Cryptocurrency users are increasingly being targeted by sophisticated malware campaigns that exploit trust in legitimate software … Fake Proxifier Installer on GitHub Spreads ClipBanker Crypto-Stealing MalwareRead more