The FBI has warned that TeamPCP compromised trusted developer tools to steal cloud credentials, deploy malware, extort ...
Sysdig threat hunters documented what they say is the first-ever documented agentic ransomware infection with an LLM - not a ...
Attackers behind a password-spraying campaign targeting Microsoft Office 365 accounts have amassed dozens of victims by abusing a deprecated feature in OAuth 2.0 to ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely ...
Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code and VS Code. Read what happened.
Microsoft has announced the public preview of Azure Container Apps Sandboxes. This new ARM resource type is Microsoft.App/SandboxGroups runs untrusted code generated ...
On June 5, 2026, 73 Microsoft GitHub repositories were disabled by GitHub's unauthorized use prevention system. These repositories were compromised by malware that steals credentials when developers ...
On June 5, 2026, 73 Microsoft GitHub repositories were disabled by GitHub's anti-fraud system. These repositories were found to be compromised by malware that stole authentication credentials when ...
GitHub disabled 73 Microsoft repositories after a Miasma supply chain attack. Malicious commits targeted AI coding tools, VS Code, and developer workstations. Developers should rotate credentials if ...
On June 5, 2026, the Miasma worm campaign reached Microsoft’s Azure GitHub organizations. GitHub disabled 73 repositories across four Microsoft GitHub organizations after a malicious commit was pushed ...
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...