Security

AUR Supply Chain Attack Delivers eBPF Rootkit and Infostealer

A spoofed maintainer adopted over 400 Arch User Repository packages, injecting preinstall scripts that fetch malicious NPM payloads.

News · 2w ago0

Inside 'The Gentlemen' Ransomware: TTPs, AI, and Network Hardening

Understand the technical tactics of this rapidly expanding RaaS group to defend your edge devices and Active Directory.

Article · 2w ago2

Critical Ivanti Sentry RCE Under Active Exploitation

A maximum-severity unauthenticated command injection vulnerability in Ivanti Sentry is being actively targeted following a public exploit release.

News · 2w ago0

Hundreds of AUR Packages Trojanized with Malicious npm Dependency

A widespread supply chain attack on the Arch User Repository injects an infostealer via malicious npm install scripts.

News · 2w ago0

BorgBackup Server's Security Model: Surviving a Breach on Either Side

Append-only repositories, client-side encryption, and a pull-based agent design mean a compromised client can't destroy history — and a compromised server can't reach your machines.

Article · 2w ago0

How an Insecure Update Flow Exposed AMD Systems to RCE

A trivial MITM vulnerability in AMD's AutoUpdate tool highlights the risks of ignoring transport security in software updates.

Article · 2w ago0

Should AI Code Generators Get CVEs for Insecure Suggestions?

A security researcher's experiment with PyCharm's local AI autocompletion raises tough questions about responsibility and vulnerability disclosure.

Article · 2w ago0

The Blunt Instrument of AI Safety: Why Researchers Are Fuming Over Anthropic's Fable Guardrails

Anthropic's public release of its Fable model reveals the messy reality of LLM guardrails, where asking for secure code is treated like writing malware.

Article · 2w ago0

The Lexical Trap: Why Anthropic's Fable Guardrails Are Tripping Up Developers

Anthropic's public release of its cybersecurity-focused model Fable was meant to democratize secure coding. Instead, aggressive keyword-based guardrails are locking out basic tasks like code reviews.

Article · 2w ago1

Chrome Strips the Last Manifest V2 Escape Hatches — Time to Audit Your Browser Tooling

Google is deleting the feature flags that kept uBlock Origin and other MV2 extensions alive in Chrome. Edge and Opera are lining up behind it — and anyone leaning on webRequest-style blocking in headless or test stacks should plan accordingly.

News · 2w ago2

Eyes Open, Vulnerabilities Shipping: The AI Code Security Paradox

A Checkmarx survey of 2,350 developers and security leaders finds 70% believe AI-generated code is more vulnerable — and nearly a third ship it to production anyway. The tools exist. The process doesn't.

Article · 2w ago0

Microsoft Pulls Dozens of GitHub Repos After Supply-Chain Malware Targets AI Coders' Credentials

Hackers slipped password-stealing code into Microsoft open-source projects tied to Azure and AI coding workflows. Here's the attack vector — and what to audit in your own pipeline.

News · 2w ago5

Miasma Worm Hits Microsoft Packages Twice in Weeks — and Your SLSA Provenance Won't Save You

The Miasma credential stealer has now compromised the same Microsoft GitHub account twice, defeating cryptographic supply-chain guarantees and triggering silently when developers open packages in AI coding agents.

Article · 2w ago1

Arbitrary Code Execution in objdump -g: How a Missing Bounds Check Becomes a Full Exploit

A heap out-of-bounds write in the FR30 relocation handler lets a crafted object file run attacker code when inspected with `objdump -g` — and the exploit defeats ASLR, PIE, and heap hardening in a single shot.

Article · 2w ago0

uv Gets Built-In Vulnerability and Malware Scanning

Astral's uv package manager adds `uv audit` and optional install-time malware checks powered by OSV, closing supply-chain gaps that separate tooling can't easily address.

News · 3w ago1