Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened Between late 2022 and early 2023, security researchers identified thirteen critical vulnerabilities in vm2 , a widely-used JavaScript sandbox package for Node.js. The most severe, CVE-20
IncidentWhat Happened Trend Micro researchers identified Quasar Linux RAT (QLNX), a remote access trojan targeting developer workstations. The malware seeks out credential files like .npmrc , .pypirc , .git-c
IncidentWhat Happened In September 2024, North Korea s Chollima APT group launched PromptMink, a supply-chain attack targeting AI coding agents. The attackers published two malicious npm packages — @hash-vali
IncidentIn early 2024, Google acknowledged a significant security gap: there was no reliable way to verify that the Google apps on your Android device were the exact ones Google intended to release. Digital s
Get weekly security insights and compliance updates delivered to your inbox.
IncidentOn May 5, 2025, Disc Soft Limited confirmed that their DAEMON Tools Lite software had been compromised at the source. Security researchers at Kaspersky had already detected this breach. Version 12.5.1
IncidentWhat Happened The vm2 library, a widely-used Node.js sandbox for executing untrusted JavaScript code, suffered multiple critical vulnerabilities that allowed attackers to break out of the sandbox and
IncidentWhat Happened Security researchers have disclosed CVE-2026-26956, a critical vulnerability in vm2 , a Node.js library used to execute untrusted JavaScript code in isolated environments. This flaw allo
IncidentWhat Happened An SQL injection vulnerability (CVE-2026-2413) in the Elementor Ally WordPress plugin exposed over 250,000 sites to unauthorized database access. The flaw stemmed from improper handling
IncidentOn April 30, a malicious version of PyTorch Lightning appeared on the Python Package Index (PyPI). This compromised package included a credential-stealing payload targeting .env files, API keys, secre
IncidentBetween January 31 and March 9, 2026, attackers deployed 72 malicious extensions on the Open VSX marketplace, affecting 151 GitHub repositories. The campaign, known as GlassWorm, used a two-stage atta
IncidentWhat Happened In early 2025, CISA and four international cybersecurity agencies issued a joint advisory warning about a specific failure mode: agentic AI systems operating with excessive permissions a
IncidentIncident Overview On March 8, 2026, attackers exploited stolen GitHub personal access tokens to force-push malicious code into legitimate Python repositories. This campaign, known as GlassWorm/ForceMe
IncidentBetween August 2025 and now, PhantomRaven published 126 malicious packages to the npm registry. These packages used slopsquatting—intentional misspellings of popular libraries—to trick JavaScript deve
IncidentWhat Happened On March 5, 2025, CISA added CVE-2025-68613 to its Known Exploited Vulnerabilities catalog. This vulnerability affects n8n, a workflow automation platform used to connect APIs and automa
IncidentYour AI infrastructure just became an exfiltration pipeline. Recent disclosures reveal how Amazon Bedrock, LangSmith, and SGLang each failed fundamental security controls—and how those failures map di
IncidentWhat Happened Between late 2024 and early 2025, attackers compromised 433 code repositories and packages across GitHub, npm, and OpenVSX marketplaces. The malware, known as GlassWorm, infiltrated thes
