#Credential Theft

CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path CVE-2026-39987 is a sharp reminder that smaller developer and data-science platform...

Lucas Oliveira

Research

Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions Storm-1175 is a financially motivated threat actor that Microsoft says has been using newly...

Lucas Oliveira

Research

LeakBase arrest is a warning to review stolen credential exposure now | 2026 The reported arrest of the alleged LeakBase administrator in Russia is the kind of...

Lucas Oliveira

Research

Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI | 2026 The LiteLLM incident is what modern software supply-chain compromise looks like when one...

Lucas Oliveira

Research

Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack A supply-chain compromise in Aqua Security’s aquasecurity/trivy-action sho...

Lucas Oliveira

Research

CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers | 2026 Executive Summary CVE-2025-26399 in SolarWinds Web Help Desk has moved from “critical but patcha...

Lucas Oliveira

Research

TELUS Digital breach: ShinyHunters claims 1PB data theft | 2026 Executive Summary TELUS Digital confirmed on March 12, 2026 that it is investigating unauthorize...

Lucas Oliveira

Research

Chrome Extension Supply-Chain Attack: ShotBird and QuickLens | 2026 Executive Summary ShotBird and QuickLens, two Chrome extensions that were previously legitim...

Lucas Oliveira

Research