GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
SecurityWeek

Adobe Patches 52 Vulnerabilities in 10 Products

Adobe has released patches for 52 vulnerabilities across 10 products, including flaws leading to arbitrary code execution.
Cybernews

NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication

A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...
The Hacker News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...