security

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

The post From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI appeared first on SecurityWeek.

A telemetry pipeline has become a core layer in modern security operations because teams no longer send data from applications, infrastructure, and cloud services straight into a single backend and hope for the best. In 2026, most environments are distributed across cloud, hybrid, and on-prem systems, which means more services, more data sources, more formats, […]

The post Telemetry Pipeline: How It Works and Why It Matters in 2026 appeared first on SOC Prime.

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer […]

The post Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

F5 has disclosed a high-severity vulnerability (CVE-2026-32647) in the NGINX ngx_http_mp4_module that allows attackers execute arbitrary code or cause a denial-of-service (DoS) using crafted MP4 files. This flaw impacts NGINX Plus and NGINX Open Source deployments where the MP4 streaming module is explicitly enabled in the server configuration. Vulnerability Details The security flaw, tracked as CVE-2026-32647, is […]

The post F5 NGINX Plus & Open‑Source Flaw Lets Attackers Execute Code via MP4 File appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on March 17, 2026, this flaw allows unauthenticated attackers to upload executable files via the platform’s REST API. Because no official patch currently exists for production versions, thousands of online stores are […]

The post Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Romania Under DDoS Attacks: Weekly DDoS Threat Intelligence Analysis Analysis Period: March 17 – 23, 2026 Between March 17 and 23, 2026, SOCRadar identified an extensive coordinated DDoS campaign conducted by the pro-Russian threat actor NoName057(16) using their DDoSia attack tool. The campaign resulted in 13,716 recorded attack entries, targeting 148 unique domains and 134 […]