by Beck Bailey | Jun 17, 2026 | RSS
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session...
by Beck Bailey | Jun 17, 2026 | RSS
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. “Every plugin poses as an AI...
by Beck Bailey | Jun 17, 2026 | RSS
As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain...
by Beck Bailey | Jun 17, 2026 | RSS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The...
by Beck Bailey | Jun 16, 2026 | RSS
Infinite Campus says a Salesforce breach exposed data tied to 137,000 school staff accounts, raising phishing and SaaS security concerns. The post Infinite Campus: Salesforce Breach Exposed 137,000 Staff Records appeared first on TechRepublic.
Recent Comments