Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
TMCnet

Hadrian Releases OpenHack, Democratizing AI Vulnerability Discovery

Hadrian today released OpenHack, a tool for AI-powered source code review that delivers high-quality results at a fraction of the cost ...

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...
Opinion
Security BoulevardOpinion

Advisories Are Now Exploit Specs. Act Accordingly.

The zero-day-to-n-day collapse is no longer theoretical, as demonstrated by CVE-2026-39987 in Marimo, which saw initial exploitation occur just nine hours and 41 minutes after disclosure without a ...
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...