On September 8, 2025, one of the largest npm supply chain incidents in recent history unfolded. Popular libraries like debug and chalk along with 16 other utilities were hijacked and pushed to npm with malicious code targeting cryptocurrency wallets and blockchain transactions. These packages collectively have billions of weekly downloads, making this compromise both widespread […]

A critical vulnerability was disclosed in Argo CD, a popular GitOps continuous delivery tool. This flaw allows project-level API tokens to retrieve sensitive repository credentials such as usernames and passwords, even when those tokens do not have explicit permissions to access secrets. Overview Argo CD uses project-level tokens to automate deployment workflows and manage applications.Due […]

On August 26, 2025, the popular Nx build system package was compromised in a sophisticated supply-chain attack. Malicious versions of Nx and related packages were published to npm, embedding malware that scanned developer environments for sensitive credentials and exfiltrated them. This attack stands out not only because of its impact with thousands of developers who […]

A critical vulnerability in sudo (Changelog v1.9.14–1.9.17) allows local users to gain root access via the –chroot (-R) option. This flaw carries a CVSS 3.1 score of 9.3 (Critical). Affected Versions Platform Coverage Why This Matters This flaw originates from a change introduced in sudo 1.9.14. Path resolution began occurring within the chroot environment before the […]

Modern AI systems, especially large language models (LLMs), are no longer isolated engines responding to static inputs. They’re evolving into intelligent agents, copilots, and autonomous systems that interact with their environment, reason over external data, and adapt in real time. But there’s a fundamental problem: LLMs are powerful, but they don’t know anything outside of […]

A critical security vulnerability, identified as CVE-2025-24813, has been discovered in Apache Tomcat, potentially exposing servers to remote code execution (RCE), information disclosure, and data corruption risks. This flaw affects the following versions:​ Understanding CVE-2025-24813 The vulnerability originates from improper handling of path equivalence when processing filenames that contain internal dots. Specifically, when Tomcat’s default […]

On February 18, 2025, two critical vulnerabilities were disclosed in OpenSSH, a widely used secure networking utility suite. These flaws, identified as CVE-2025-26465 and CVE-2025-26466, pose significant security risks: Discovery and Response The vulnerabilities were uncovered by the Qualys Threat Research Unit (TRU). They affect OpenSSH client versions 6.8p1 through 9.9p1 and 9.5p1 through 9.9p1, […]

In our previous article on Cloud Heists, we highlighted how attackers exploit credential theft and privilege escalation to take over cloud environments. However, ransomware poses an even broader threat, targeting cloud platforms to steal sensitive data, disrupt business operations, and hold companies hostage. In this post, we’ll explore these growing ransomware trends and offer insights […]

Cloud environments have changed how organizations manage their infrastructure, offering flexibility and scalability. But these benefits also bring new risks, and even small mistakes in cloud security can have serious consequences. For example, Google Cloud once accidentally deleted data from a $125 billion Australian pension fund due to a simple configuration error. Although this wasn’t […]