Search

guru3d.com › story

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments. According to published reports, a hacker group known as…

May 21, 2026 · Hilbert Hagedoorn

Top stories

theverge.com

Cybersecurity

6d ago

bleepingcomputer.com

OpenAI confirms security breach in TanStack supply chain attack

1w ago

techcrunch.com

US bank discloses security lapse after sharing customer data with AI app | TechCrunch

1w ago

bleepingcomputer.com

Signal adds security warnings for social engineering, phishing attacks

1w ago

techcrunch.com › 2026 › 05 › …

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom | TechCrunch

…The company has since invalidated the token and added additional security measures to prevent a repeat incident. “The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase…

May 18, 2026 · Zack Whittaker

github.blog › changelog

Rule insights dashboard and unified filter bar - GitHub Changelog

Back to changelog Rule insights dashboard GitHub repository rulesets are powerful, but it hasn’t been easy to spot trends like spikes in blocked pushes during an incident or patterns in bypass…

Apr 16, 2026 · Allison

wired.com › story

Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck

…The incident was reportedly serious enough to warrant a “Sev1” alert, the second-highest category of severity that Meta uses to label security incidents.

Mar 21, 2026 · Matt Burgess

Discussions and forums

r/sysadmin · u/xendr0me · 1w ago

What a bunch of idiots... Canvas

https://www.reddit.com/r/canvas/comments/1taj9mk/instructure_just_confirmed_they_paid_the_ransom/ "We received assurances that it will not be further shared on the dark web or elsewhere, and we received proof that any co…

Hacker News · u/introvertmac · Dec 3, 2025

Tell HN: Compliance is not equal to Security

For over a decade, I’ve been doing bug bounty, security audits, and security consulting. And if there’s one thing I’ve seen repeatedly, it’s this:Most startups call a security engineer or hire a security agency only when…

1 1

r/netsec · u/unknownhad · 2w ago

The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.

The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …

r/selfhosted · u/ldkv · 1w ago

Accidentally exposed publicly my entire LAN for 2 weeks

Posting this as a PSA / confession because I almost had a heart attack last night and I figure if I got bit, someone else will too. TL;DR: Replaced pangolin + NPMplus with a double-Caddy + WireGuard setup. Put a "clever"…

techcrunch.com › 2026 › 05 › …

US lawmakers demand answers from Instructure after Canvas data breaches | TechCrunch

…security, the committee’s chair, Representative Andrew Garbarino, wrote in a letter to Instructure chief executive Steve Daly. U.S. cybersecurity agency CISA has been called in to help with the incident…

May 13, 2026 · Zack Whittaker

pushsquare.com › news › 2026 › …

GTA 6 Dev Confirms Another Data Breach, Hackers Demand Ransom

…The spectre of that incident still looms large, though, and rumours started swirling earlier today that it may happen again. Writing on its dark web page, a hacker group named ShinyHunters claimed…

Apr 11, 2026 · Push Square

gamerant.com › amouranth-house-shooting

Shots Fired Near Amouranth's House

…Amouranth's Home Has Been Targeted Before Lee said on Twitter that he heard around nine to 10 gunshots fired during the time of the incident. Unfortunately, this latest incident is not…

May 6, 2026 · James Ratcliff

bleepingcomputer.com › news › security

NVIDIA confirms GeForce NOW data breach affecting Armenian users

…The company added that its own network was not impacted by the incident. “Our investigation found no impact on NVIDIA-operated services. The issue is limited to systems run by a third…

May 8, 2026 · Bill Toulas

appleinsider.com › articles › 26 › …

If your Mac is saying the ChatGPT app is malware, here's how to fix it

…certificate because of security concerns. "We recently identified a security issue involving a third-party developer tool, Axios, that was part of a widely reported, broader industry incident," wrote OpenAI…

May 12, 2026 · William Gallagher

tomshardware.com › tech-industry › cyber-security

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud'  malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

…Earlier Monday, security firm Aikido warned that malicious package versions tied to the popular TanStack JavaScript ecosystem had been compromised in two separate attack waves beginning around 19:20 UTC. Affected packages…

May 12, 2026 · Etiido Uko