Tag: github
-
Multiple Critical Flaws Fixed in Next.js and React Server Components
Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to severe risks, including unauthenticated Denial of Service (DoS), Server-Side Request Forgery (SSRF), and multiple middleware authentication bypasses. The…
-
Microsoft’s response to Shadow Agent concerns: New capabilities in Microsoft Agent 365; new Microsoft Defender and GitHub integration
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/microsofts-response-to-shadow-agent-concerns-new-capabilities-in-microsoft-agent-365-new-microsoft-defender-and-github-integration/
-
Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE
Tags: cvss, github, google, hacker, injection, rce, remote-code-execution, supply-chain, vulnerability
Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise. First seen on hackread.com Jump to article: hackread.com/google-cvss-10-gemini-cli-vulnerability-github-rce/
-
Poisoned truth: The quiet security threat inside enterprise AI
It takes surprisingly little poison to corrupt: Bad internal data is the immediate problem. But the external supply chain may be even harder to control. Research by Anthropic, the UK AI Security Institute, and the Alan Turing Institute discovered that as few as 250 maliciously crafted documents can poison LLMs of any size. That creates a massive…
-
AI finds 20-year-old bugs in PostgreSQL and MariaDB
Tags: ai, breach, credentials, cve, exploit, flaw, github, injection, nist, rce, remote-code-execution, sql, vulnerability
Inadequate JSON parsing allowed RCE on the MariaDB server: In MariaDB, a buffer overflow bug, tracked as CVE-2026-32710, was found in the JSON_SCHEMA_VALID() function using Xint Code. The vulnerability allows an authenticated user to trigger a crash, which, under controlled conditions, could be escalated into remote code execution. Compared to the PostgreSQL flaws, exploitation here is…
-
NHS to close-source hundreds of GitHub repos over AI, security concerns
Healthcare giant’s maintainers handed May deadline to enact the change First seen on theregister.com Jump to article: www.theregister.com/2026/05/05/nhs_to_closesource_hundreds_of_repos/
-
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and…
-
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
A newly uncovered cyber campaign dubbed “EtherRAT” is raising concerns across enterprise environments, as attackers combine SEO poisoning, GitHub abuse, and blockchain-based infrastructure to target high-privilege IT professionals. Instead of broadly targeting users, the attackers deliberately impersonate trusted administrative tools, increasing the likelihood that victims already have elevated system access. The attack chain begins with…
-
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems and…
-
Ruby Gems and Go Modules Used in Campaign Targeting GitHub Actions
A sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer tools, which were later weaponized to steal secrets and poison build pipelines. On the Ruby ecosystem, threat actors…
-
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Intro: A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO) First seen on thehackernews.com Jump to article:…
-
Compromised SAP npm packages steal credentials
TeamPCP infiltrates official SAP npm packages. How the Mini Shai-Hulud worm breaks into CI/CD systems and exfiltrates cloud secrets via GitHub. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/sap-pakete-passwoerter-stahlen
-
Max-severity RCE flaw found in Google Gemini CLI
The behavior is now fixed: Google has addressed the issue by removing implicit workspace trust in headless environments and enforcing stricter tool controls, effectively changing how Gemini CLI behaves in CI/CD pipelines. The patched versions (0.39.1 and 0.40.0-preview.3) now require explicit trust decisions before loading workspace configurations, aligning non-interactive execution with the same safeguards expected in…
-
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,” First seen on…
-
Warp open sources its AI terminal client
Warp, the AI-centric terminal used by close to a million developers, has released the source code for its client on GitHub under the AGPL license, with OpenAI signed on as the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/warp-open-source-client/
-
Zounds, a genuinely helpful AI-assisted bug report that isn’t total slop! Here, Wiz, take this wad of cash
Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/github_woah_a_genuinely_helpful/
-
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to undertake. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/reverse-engineering-ai-unearths-high-severity-github-bug
-
GitHub Flaw Enables Remote Code Execution With a Single Git Push
A GitHub flaw (CVE-2026-3854) enabled backend code execution via a single git push, risking exposure of repositories and secrets. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/github-flaw-enables-remote-code-execution-with-a-single-git-push/
-
A Mini Shai-Hulud Targeting the SAP Ecosystem
7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP’s Node.js packages, and it’s still active. Here’s what GitGuardian found. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/a-mini-shai-hulud-targeting-the-sap-ecosystem/

