Cyber Security
“`html Malicious Script Injection in Trivy Compromise A complex supply chain breach targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has breached continuous integration and continuous deployment (CI/CD) pipelines worldwide. Revealed in late...
Cyber Security
“`html FBI, CISA Warn Russian Hackers The Federal Bureau of Investigation (FBI) along with the Cybersecurity and Infrastructure Security Agency (CISA) have recently published a collaborative advisory concerning a widespread phishing operation. This warning...
Cyber Security
“`html A Russian state-affiliated threat entity has initiated a focused cyber assault on a Ukrainian governmental organization, utilizing a cross-site scripting (XSS) flaw in Zimbra Collaboration Suite to extract credentials and confidential email information....
Cyber Security
“`html A current operation by the Interlock ransomware collective is taking advantage of a severe zero-day flaw (CVE-2026-20131) within Cisco Secure Firewall Management Center (FMC) Software. This defect may permit an unauthenticated remote intruder to run...
Cyber Security
“`html The Microsoft Detection and Response Team describes an intricate voice phishing (vishing) campaign that effectively breached a corporate setting in November 2025. Differing from traditional intrusions that depend on software vulnerabilities, this assault...
