GitHub has unveiled a comprehensive strategy to enhance npm’s security in response to a surge in malicious package registry attacks.
Following the self-propagating Shai-Hulud worm that infiltrated popular JavaScript packages on September 14, the platform is rolling out a series of measures aimed at preventing...
Cloudflare today revealed that its autonomous defenses mitigated the largest distributed denial-of-service (DDoS) attack ever recorded, peaking at a staggering 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps).
This hyper-volumetric strike eclipses the previous UDP flood record of 11.5 Tbps,...
Security researchers at GitGuardian have uncovered a sophisticated supply chain attack dubbed "GhostAction" that compromised 327 GitHub users across 817 repositories, successfully stealing 3,325 sensitive developer secrets.
The attack, discovered on September 5, 2025, represents one of the largest documented cases of malicious GitHub...
Microsoft Teams users worldwide are experiencing a significant service disruption today, as the collaboration platform fails to open embedded Microsoft Office documents.
The problem, first reported early Thursday morning, has rendered essential files—Word documents, Excel spreadsheets, and PowerPoint presentations—unavailable within Teams channels and chats,...
A critical zero-day remote code execution vulnerability in Citrix NetScaler ADC and Gateway systems is putting thousands of organizations at immediate risk.
CVE-2025-7775 affects over 28,000 instances globally and is being actively exploited by threat actors, prompting emergency patch deployment advisories from cybersecurity agencies...
In a critical security advisory, researchers have disclosed a stored cross-site scripting (XSS) vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi).
Tracked as CVE-2025-50975, the vulnerability enables any authenticated administrator to inject arbitrary JavaScript that remains persistently stored in firewall rule parameters.
When other...