Category: Security

a man sitting in front of a computer monitor
Security

CISA orders federal patching by July 17, 2026 after two chained SonicWall SMA1000 zero-days (CVE-2026-15409, CVE-2026-15410)

SonicWall’s SMA1000 appliances are the subject of active exploitation via two linked zero-days: an unauthenticated SSRF (CVE-2026-15409) and an authenticated code-injection (CVE-2026-15410). The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added both to its Known Exploited Vulnerabilities list and set a federal remediation deadline of July 17, 2026 — a signal that agencies must patch […]

admin 
black samsung flat screen computer monitor
Security

10,000 cloned GitHub repos are delivering LuaJIT loaders — why engineering teams must stop trusting repo search results

A coordinated campaign has spun up roughly 10,000 fake GitHub repositories that clone real projects’ histories while swapping in malicious ZIP links and AI-written READMEs. Engineering teams, dependency scanners, and security ops need to treat repository search results and automated dependency pulls as potential attack surfaces, not trusted signals. Organized supply-chain mimicry, not random uploads […]

admin 
A man sitting in front of three computer monitors
Security

After OFAC sanctioned 1VPNS and a cryptor supplier, enforcement shifts to VPNs and cryptors

OFAC recently designated the VPN provider 1VPNS and a cryptor supplier tied to ransomware infrastructure, signaling a tactical shift: U.S. enforcement is moving from chasing individual attackers to targeting the services that let them operate anonymously and evade detection. The specific designations and the legal reach OFAC named 1VPNS (marketed since 2014 on cybercriminal forums […]

admin 
a man and a woman sitting in front of a laptop computer
Security

Canvas Breach: Operational Outage vs. Systemic Governance Failure — Why Homeland Security Wants Answers

The Canvas breach tied to the ShinyHunters group interrupted teaching at thousands of schools, but the U.S. Homeland Security Committee’s May 21 demand for Instructure testimony signals a deeper issue: this incident is as much about governance, contracting, and data protection across education technology as it is about a temporary outage. Classroom disruption and what […]

admin 
a computer desk with two monitors and a mouse
Security

Not merely credential theft — Shai‑Hulud chained GitHub Actions to publish trusted npm and PyPI packages

The May 2026 wave of the Shai‑Hulud campaign didn’t just steal credentials: attackers chained multiple GitHub Actions weaknesses to publish more than 170 malicious npm and PyPI packages that carried valid SLSA provenance, turning build attestations into cover for a wide-ranging, self‑propagating compromise. How the CI chain was abused end to end The intrusion began […]

admin 
black car instrument panel cluster
Security

GM’s $12.75M California Fine Is a Data-Minimization Test — Sale vs. Consent, Retention vs. Deletion

California regulators have fined General Motors $12.75 million and imposed strict controls after finding the company sold OnStar driving data without consent. The settlement — the state’s first major enforcement action explicitly aimed at data-minimization failures by an automaker — requires deletion deadlines, a five-year sales ban to certain buyers, and ongoing compliance reporting. How […]

admin 
black and white smartphone on persons hand
Security

Not just a banking trojan: TrickMo.C uses TON to turn infected Android phones into stealth network nodes

TrickMo.C, first observed in early 2026, is not a routine update to a banking trojan. The operators have rebuilt it as a platform that runs a local TON (The Open Network) proxy on compromised Android phones and routes command-and-control traffic through encrypted .ADNL addresses. That redesign converts infected devices into covert, remotely programmable network nodes […]

admin 
Computer screen displaying lines of code
Security

Hijacked Google Ads and Claude.ai posts delivered MacSync—why macOS users and admins must stop pasting ad-sourced commands

The recent MacSync campaign used hijacked Google Ads and user-generated pages on Claude.ai to trick people into pasting obfuscated shell commands into Terminal, delivering a polymorphic infostealer that harvests Keychain items, browser cookies, and crypto keys. Below are the attack’s mechanics, quick checks you can run now, and concrete operational steps for teams and users. […]

admin 
a desk with several computers
Security

May 6–7, 2026: CMS link-swap on JDownloader delivered a PyInstaller Python RAT and SUID-root Linux backdoor

Between May 6 and May 7, 2026, attackers exploited an unpatched CMS vulnerability on the JDownloader website to swap two download links—Windows “Alternative Installer” and the Linux shell installer—with malicious files. The installers distributed during that window contained a PyInstaller-wrapped Python RAT for Windows and a shell-driven installer on Linux that installed SUID-root ELF binaries […]

admin 
turned-on flat screen monitor
Security

Enterprises that pull community models: the May 2026 Hugging Face typosquat that installed a Windows infostealer

In May 2026, a typosquatted Hugging Face repository—Open-OSS/privacy-filter—distributed a loader that ultimately installed a Rust-based credential stealer on Windows machines; the repo was downloaded over 200,000 times before removal. For teams that pull community models into development or production, this incident reframes the threat: attackers can hide executable installers in model repos, not just poison […]

admin 
a group of men sitting at a table with laptops
Security

GeForce NOW breach limited to Armenian partner GFN.am, not NVIDIA’s core systems

GeForce NOW breach limited to Armenian partner GFN.am, not NVIDIA’s core systems NVIDIA confirmed a data breach affecting only its Armenian GeForce NOW partner, GFN.am, and said the company’s core, globally managed systems were not compromised. The incident—dated March 20–26, 2026—exposed personal user records held by the regional operator but did not include passwords or […]

admin