Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened Between late 2024 and early 2025, attackers compromised 57 npm packages using a technique that bypasses common security controls. Instead of hiding code in lifecycle scripts like preinst
IncidentIronWorm malware infiltrated 36 npm packages with a single goal: steal everything your CI/CD pipeline knows about your infrastructure. JFrog researchers caught the attack early, but the incident expos
IncidentWhat Happened An unauthenticated attacker can execute arbitrary PHP code on Magento stores running the Mirasvit Cache Warmer extension by sending a malicious cookie. CVE-2026-45247 , a PHP object inje
IncidentA prompt injection vulnerability in Google Gemini s voice assistant shows how AI systems can be exploited through seemingly harmless notification channels. Here s what happened, what failed, and what
Get weekly security insights and compliance updates delivered to your inbox.
IncidentWhat Happened Between late 2024 and early 2025, the Lazarus Group deployed malicious packages on npm that mimicked legitimate ecosystem tools without relying on typosquatting. Sonatype s research team
IncidentWhat Happened On May 5, 2025, Redis released patches addressing CVE-2026-23479, a critical remote code execution vulnerability present since version 7.2.0. This flaw allows authenticated users to exec
IncidentWhat Happened On May 4, 2026, security researcher CHOIGYENGMIN reported CVE-2026-8206 to Wordfence: a critical vulnerability in the Kirki WordPress plugin that allows unauthenticated attackers to hija
IncidentMicrosoft recently updated its security tools to address a critical gap: vulnerability scanners were identifying issues in code, but security teams couldn t determine which ones were significant in pr
IncidentWhat Happened In early 2025, attackers compromised a GitHub account with publishing access to Red Hat s @redhat-cloud-services npm namespace. They injected the Miasma malware into over 30 packages, wh
IncidentWhat Happened In late 2024 or early 2025, attackers began exploiting CVE-2024-21182, a high-severity vulnerability in Oracle WebLogic Server. This flaw allows unauthenticated attackers to compromise a
IncidentOn June 1, 2026, attackers published over 30 compromised npm packages under Red Hat s Cloud Services namespace. These packages contained Mini Shai-Hulud malware designed to exfiltrate credentials from
IncidentOn May 25, 2026, Johannes Link released jqwik version 1.10.0 to Maven Central with a deliberate prompt injection designed to sabotage AI coding agents. The Java testing library s maintainer embedded i
IncidentWhat Happened In early 2025, security researchers at Wiz discovered unauthorized code modifications in at least 32 package releases within Red Hat s npm namespace. These packages, linked to the Shai-H
IncidentOn a routine Thursday, packages under the @redhat-cloud-services namespace on npm began executing malware during installation. The compromised packages—including @redhat-cloud-services/types—ran malic
IncidentUnderstanding the Vulnerability CVE-2022-31692 revealed a critical flaw in Spring Security versions 5.6.x through 5.7.4, scoring 9.8 on the National Vulnerability Database. Applications using RegexReq
IncidentWhat Happened On January 4, CircleCI discovered unauthorized access to their systems and immediately advised all customers to rotate their secrets. The company invalidated Personal and Project API tok
