Cyberangriff Grafana: Erpresser kopieren Codebasis und drohen mit Leak
(Bild: heise online / dmk). Bei Grafana Labs gab es einen IT-Sicherheitsvorfall. Dabei konnten Angreifer interne Daten kopieren. Nun fordern sie Lösegeld.. Grafana Labs ist…
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace.. The…
[AINews] How to land a job at a frontier lab (on Pretraining)
It is the day before Google I/O, when the next major Gemini releases are expected to be previewed, and it will probably be a quiet…
Server-Admin-Tool: Angreifer können 2FA von Webmin umgehen
(Bild: Artur Szczybylo/Shutterstock.com). Webmin ist über mehrere Sicherheitslücken angreifbar. Neben 2FA- sind auch root-Attacken möglich. Nun haben die Entwickler Sicherheitspatches veröffentlicht.. Das Admin-Tool für Unix-Server…
NGINX: DoS-Lücke wird angegriffen
(Bild: heise online / dmk). In NGINX Open Source und NGINX Plus von F5 klaffen Sicherheitslücken. Eine wird bereits attackiert und führt zu DoS-Zuständen.. Im…
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials…
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of…
SHub macOS infostealer variant spoofs Apple security updates
A new variant of the ‘SHub’ macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor.. Dubbed Reaper, the new…
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
More than 200 individuals were arrested for cybercrime activities during INTERPOL’s Operation Ramz, which focused on the Middle East and North Africa.. Law enforcement also…
Canvas Breach Disrupts Schools & Colleges Nationwide
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States…
The last six months in LLMs in five minutes
I put together these annotated slides from my five minute lightning talk at PyCon US 2026, using the latest iteration of my annotated presentation tool..…
Identity Fabric für Governance, Compliance und Souveränität
Die Schwäche moderner Identitätsarchitekturen liegt oft nicht in einem einzelnen System, sondern in fehlender Steuerbarkeit über gewachsene Strukturen hinweg. Interne Identitäten, Kundenkonten, Partnerzugänge und Non-Human-Identities…