What Supply Chain Attacks Really Want: Your Secrets

Shai Hulud 2.0 serves as a loud confirmation of a pattern that has been building for years. In most modern software supply chain attacks, secrets are the first thing attackers go after, and they do it ...

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

CISA flags VMware Aria Operations RCE flaw as exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the ...