Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.
CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results