GitHub confirms nearly 4K repos breached after employee installed malicious VS Code extension

The company said that its current investigation indicates the attackers accessed only GitHubu2019s internal repositories.

Latest Security News

View Archive →

Security News

China-linked Webworm APT updates its arsenal with EchoCreep and GraphWorm backdoors

Webworm has shifted from the McRat and Trochilus remote access trojans to lightweight proxy infrastructure and cloud-based C&C mechanisms.

May 20, 2026 3 min read

Security News

Chinese hackers target entities with updated FDMTP backdoor

The intrusion chain involved attackers delivering a legitimate executable, a matching .config file, and a malicious DLL designed for sideloading into the trusted process.

May 20, 2026 3 min read

Security News

Fox Tempest-run malware-signing service disrupted

The service abused Microsoft Artifact Signing to generate short-term certificates that allowed malware to appear as legitimate software.

May 20, 2026 3 min read

Security News

New variant of SHub macOS malware uses AppleScript to evade Apple security protections

The updated malware targets macOS users via fake installers for popular applications including WeChat and Miro.

🕒 May 19, 2026 • 2 min read

Security News

Drupal warns of upcoming u2018highly criticalu2019 security release on May 20

The upcoming patches will cover Drupal core branches 11.3.x, 11.2.x, 10.6.x, and 10.5.x.

🕒 May 19, 2026 • 2 min read

Security News

Operation Ramz nets 201 arrests in major MENA cybercrime crackdown

The operation involved law enforcement agencies from 13 countries aiming to dismantle malicious cyber infrastructure and disrupt phishing campaigns.

🕒 May 19, 2026 • 2 min read

GitHub confirms nearly 4K repos breached after employee installed malicious VS Code extension

Latest Security News

China-linked Webworm APT updates its arsenal with EchoCreep and GraphWorm backdoors

Chinese hackers target entities with updated FDMTP backdoor

Fox Tempest-run malware-signing service disrupted

New variant of SHub macOS malware uses AppleScript to evade Apple security protections

Drupal warns of upcoming u2018highly criticalu2019 security release on May 20

Operation Ramz nets 201 arrests in major MENA cybercrime crackdown

Please verify you're human