GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
SecurityWeek

Critical ScreenConnect Vulnerability Exposes Machine Keys

ConnectWise has patched a critical ScreenConnect flaw that allowed attackers to obtain machine keys and compromise servers.
CSO Online

Telnet vulnerability opens door to remote code execution as root

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full ...