#Credential Theft
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens | 2026 Executive Summary Security researcher Ammar Askar disclosed a one-click attack...
Lucas Oliveira
Research
LLMShare Turns Trusted AI Domains Into Malware Delivery Infrastructure
LLMShare Turns Trusted AI Domains Into Malware Delivery Infrastructure | 2026 Executive Summary Push Security disclosed a live campaign it tracks as LLMShare, w...
Lucas Oliveira
Research
FortiClient EMS exploit turns endpoint management into credential theft at scale
FortiClient EMS exploit turns endpoint management into credential theft at scale CVE-2026-35616 matters because it breaks a security assumption many teams quiet...
Lucas Oliveira
Research
GlassWorm takedown shows how developer malware becomes supply-chain risk
GlassWorm takedown shows how developer malware becomes supply-chain risk Executive Summary The coordinated disruption of GlassWorm on May 26, 2026 is useful bec...
Lucas Oliveira
Research
GitHub Action tag hijack turns CI/CD runs into credential theft
GitHub Action tag hijack turns CI/CD runs into credential theft A fresh GitHub Actions supply chain incident is a good reminder that "pinned" does not mean safe...
Lucas Oliveira
Research
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority CVE-2026-20182 is not landing as a routine patch bulletin. Cisco says the flaw is already b...
Lucas Oliveira
Research
LiteLLM SQL injection flaw puts AI gateways on the front line
LiteLLM SQL injection flaw puts AI gateways on the front line CVE-2026-42208 matters because it turns an AI gateway into a high-value choke point for attackers....
Lucas Oliveira
Research
PyTorch Lightning supply-chain compromise puts AI developer credentials at risk
PyTorch Lightning supply-chain compromise puts AI developer credentials at risk The most dangerous supply-chain incidents are not always the ones that hit opera...
Lucas Oliveira
Research
Bitwarden CLI npm compromise exposes CI/CD credential risk
Bitwarden CLI npm compromise exposes CI/CD credential risk A brief compromise of the Bitwarden CLI npm distribution is still a high-priority defender story beca...
Lucas Oliveira
Research
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path CVE-2026-39987 is a sharp reminder that smaller developer and data-science platform...
Lucas Oliveira
Research
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions Storm-1175 is a financially motivated threat actor that Microsoft says has been using newly...
Lucas Oliveira
Research
LeakBase arrest is a warning to review stolen credential exposure now
LeakBase arrest is a warning to review stolen credential exposure now | 2026 The reported arrest of the alleged LeakBase administrator in Russia is the kind of...
Lucas Oliveira
Research