VS Code zero-day lets hackers steal GitHub tokens in one click
VS Code zero-day lets hackers steal GitHub tokens in one click By Sergiu Gatlan June 3, 2026 02:50 AM A security researcher has released exploit code for a Visual Studio…
Search
Top stories
phpBB forum fixes auth bypass bug lurking for a decade
…Researchers at application security company Aikido found the bug on June 2nd and reported it through the developer's HackerOne Vulnerability Disclosure Program. phpBB responded to the report immediately and addressed the…
GitHub investigates internal repositories breach claimed by TeamPCP
…In March, the hacker group also compromised Aqua Security's Trivy vulnerability scanner , which is believed to have led to cascading compromises affecting Aqua Security Docker images and the Checkmarx KICS project…
Official CheckMarx Jenkins package compromised with infostealer
…The compromise was claimed by the TeamPCP hacker group, which initiated a spree of supply-chain attacks that included the Shai-Hulud campaigns on npm and the Trivy vulnerability scanner breach, resulting…
Hackers exploit FortiClient EMS flaw to push infostealer malware
…CISA reacted quickly to the malicious activity and ordered federal agencies to secure their instances by the end of that week, while the internet security watchdog group The Shadowserver Foundation reported at…
Microsoft Defender can now automatically isolate hacked endpoints
…This is now available in preview mode and works as part of automatic attack disruption, a feature designed to contain attacks, limit their impact, and provide security teams with more remediation time…
Zara data breach exposed personal information of 197,000 people
…More recently, ShinyHunters hacked education technology giant Instructure twice , the second time exploiting a security vulnerability to deface Canvas login portals for approximately 330 colleges and universities and threatening to leak data…
Over 20,000 Instagram accounts stolen in Meta AI support hack
…It also enrolled all potentially stolen accounts into a mandatory security checkpoint and asked all affected users to reset their passwords again and re-authenticate to secure and regain control of the…
CISA warns of active attacks exploiting Android, Linux bugs
…Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. The most recent flaw the agency added to its Known Exploited…
KnowledgeDeliver flaw exploited as a zero-day to install web shells
…to install a “security authentication plugin” and to load a malicious script from a domain under the attacker’s control. Over the past year, hackers have used improperly secured machine keys in…