by Beck Bailey | Feb 13, 2026 | RSS
In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is...
by Beck Bailey | Feb 13, 2026 | RSS
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. “Overnight we observed first in-the-wild exploitation of BeyondTrust...
by Beck Bailey | Feb 12, 2026 | RSS
Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. The post Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching appeared first on...
by Beck Bailey | Feb 12, 2026 | RSS
Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline. The post Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack appeared first on TechRepublic.
by Beck Bailey | Feb 12, 2026 | RSS
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating...
Recent Comments