GitHub Hacked Via Malicious VS Code Extension, Critical Nginx Flaw Exploited

Latest Security News and Updates

Stay up-to-date with the latest security news and updates.

GitHub Breached via Poisoned VS Code Extension

Microsoft-owned GitHub confirmed a breach of its internal code repository, attributed to a compromised Visual Studio Code (VS Code) extension developed by the threat group TeamPCP. The breach was first reported by TeamPCP, which claimed responsibility for accessing GitHub’s private code base. An investigation by GitHub confirmed the incident, highlighting the potential risks associated with third-party extensions and the importance of robust security measures in code development environments.

Continuous Authentication System using Heartbeat

According to researchers, a new continuous authentication system called AccLock uses the unique vibrations caused by a heartbeat to identify individuals. This innovative approach holds promise for improving authentication security in various applications, such as access control and secure communication.

Critical NGINX Flaw Exploited by Attackers

A critical vulnerability identified in NGINX (CVE-2026-42945) has been exploited by attackers, as reported by VulnCheck security researcher Patrick Garrity. The flaw allows unauthorized access to sensitive data and highlights the need for prompt patching and security updates in web server configurations.

Communicating Cyber Risk in Dollars Boards Understand

Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, discusses the challenges of communicating cybersecurity risks to stakeholders who prioritize financial metrics. He emphasizes the need for clear, data-driven messaging to effectively convey the importance of investing in cybersecurity measures.

Microsoft Provides Mitigation for YellowKey BitLocker Bypass Flaw

Microsoft is addressing a vulnerability (CVE-2026-45585) that can be used to bypass BitLocker encryption and access user data. The company is working on a fix, emphasizing the importance of maintaining strong security practices and regularly updating software to prevent similar exploits.

Why AI Changed the Threat Model for Travel Technology

Devon Bryan, SVP, Global CSO at Booking Holdings, shares insights on the impact of AI on the threat landscape for travel technology. He reflects on his career journey from Air Force network security engineer to global CSO across multiple industries, highlighting the evolving nature of cybersecurity threats.

Deleted Google API Keys Keep Working for Up to 23 Minutes

Research by Aikido Security has found that deleting Google API keys does not immediately disable them. Instead, they continue to function for up to 23 minutes before being fully disabled. This highlights the importance of promptly revoking API keys when they are compromised to prevent unauthorized access.

Microsoft Open-Sources Tools for Designing and Testing AI Agents

Microsoft has open-sourced two tools aimed at enhancing security discipline in AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. These resources aim to improve the reliability and safety of AI systems.

Attackers Access Grafana Labs’ GitHub Environment Through TanStack Supply Chain Compromise

Grafana Labs experienced a breach of its GitHub environment, attributed to a compromise of the TanStack supply chain. The incident highlights the risks associated with relying on third-party dependencies and the importance of securing software development pipelines.

Verizon DBIR: Vulnerability Exploitation Dominates Initial Access Vector

The 2026 Verizon Data Breach Investigations Report reveals that vulnerability exploitation has surpassed stolen credentials as the primary means of initial access for attackers. This trend underscores the need for proactive vulnerability management and regular security updates.

New macOS Infostealer Impersonates Apple, Microsoft, and Google

SentinelOne discovered a macOS infostealer variant called Reaper, which impersonates Apple, Microsoft, and Google to trick victims into executing malicious code. The malware targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access.
