May 19, 2026 – CyberGate

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. “Every existing tag in the repository has been

Citește mai departe

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages tied to the npm maintainer

Citește mai departe

Day: May 19, 2026

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Recent News

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

How to Reduce Phishing Exposure Before It Turns into Business Disruption

Developer Workstations Are Now Part of the Software Supply Chain

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems