PyPI package with 1.1M monthly downloads hacked to push infostealer bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

🚨 BREAKING: Wiz Research discovered Remote Code Execution on GitHub.com with a single git push The flaw in GitHub allowed unauthorized access to millions of repositories belonging to other users and organizations 🤯

⚠️ ALERT — SAP related npm packages were just found shipping credential-stealing malware. A preinstall script runs on install, steals tokens, and injects GitHub Actions to self-propagate, exfiltrating encrypted secrets via victim-owned repos. 🔗 Read → thehackernews.com/2026/04/sap-np…

Time to talk about this one. CopyFail (CVE-2026-31431) — a 732-byte Python script that roots every Linux distro shipped since 2017. 🧵

Suddenly feeling the urge to copy your repo somewhere new? Entire is open sourcing our latest project today: git-sync. Most git migration tools assume you’ll make a local mirror clone, fetch everything down, then push it back up somewhere else. Instead, git-sync mirrors refs

🚨 Supply chain attacks are escalating... A widely used AI dev tool, PyTorch Lightning, was compromised on PyPI and turned into a credential stealer. → Malicious code runs on import → No user action needed → Credentials silently stolen Read: thehackernews.com/2026/04/pytorc…

🚨 CRITICAL CYBER THREAT ALERT: MASSIVE ATTACK AGAINST OPEN SOURCE INFRASTRUCTURE – UBUNTU (CANONICAL) 🐧🚫🌐 A coordinated Distributed Denial of Service (DDoS) offensive targeting Ubuntu's main servers (ubuntu.com) has been detected. The hacktivist group known as

There is a surge of supply chain attacks (and it is only going to get worse) If you are using pnpm, take these steps to protect yourself: * set minimumReleaseAge to 7 days * set blockExoticSubdeps to true * configure onlyBuiltDependencies npm / yarn have similar settings

Everybody is adding a feature where you can manage your agents from your phone. Don't use it. You'll just get even more addicted, and will burn out even quicker.

⚠️ Update: Mini Shai-Hulud is spreading across ecosystems. → intercom-client (npm) and intercom-php (Packagist) compromised → Install-time hooks deploy credential stealer Attack targets GitHub tokens, cloud creds, SSH keys, Kubernetes, Vault, Docker, and .env files. Read:

These attacks are getting increasingly complex! Our approach in OSS to security will have to increase to try match this! Firewalls (actual devices), Yubico keys, socket firewall etc will probably need to be our norm.

❗️ Apple accidentally shipped Claude[.]md files in the Apple Support app update (v5.13). For context, Claude[.]md is the instruction file Anthropic's Claude Code uses to understand a project's structure, conventions, and developer guidance. They typically live in source repos

Canonical’s web infrastructure is under a sustained, cross-border attack and we are working to address it. We will provide more information in our official channels as soon as we are able to.

Ubuntu Fixes available for CVE-2026-31431 (Copy Fail) Linux Kernel Local Privilege Escalation Vulnerability ubuntu.com/blog/copy-fail…

This is exactly why we believe the entire disclosure process and mentality need to shift. AI has fundamentally changed how vulnerabilities are found and exploited. The old model simply doesn’t scale anymore.

Since the CopyFail exploit proof of concept only works on amd64 architecture and not arm64, you can use copy-fail-c to compile it for your specific platform, and simply run the "vulnerable" binary to check whether you are vulnerable instead of the actual exploit.

Patches for Copy Fail (CVE-2026-31431) are not yet available from Red Hat, so our core team has built patched kernels. These kernels are available in the testing repository today. Learn more on our blog ⤵️ almalinux.org/blog/2026-05-0…

🚨 CVE-2026-41940 (cPanel): Exploited for botnet + ransomware campaigns • Weaponized within 24h by multiple actors • ~80% of new malicious hosts = cPanel • +15K systems flagged in 24h • Mirai variants observed • “.sorry” ransomware active Exploitation is scaling fast.

Regarding CVE-2026-31431 #CopyFail, is anyone else concerned about GitHub Actions and other shared Linux infrastructure? GitHub has acknowledged that their runners are affected and have no patch yet github.com/actions/runner…