Microsoft warns of new Defender zero-days exploited in attacks (2026-05-21 07:49 UTC)
Kurz: On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. […]
Kurz: GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week’s TanStack npm supply-chain attack. […]
Kurz: The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. […]
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension (2026-05-21 04:27 UTC)
Kurz: GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The …
Kurz: Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. The vulnerability, no…
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development (2026-05-20 17:06 UTC)
Kurz: Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic …