Category of intelligence

Malware

News about viruses, Ransomware, Trojans and other malicious software

Stories published: 540 Showing up 9 articles per page

The software supply chain in check: compromised Trivy images and exposed credentials

Malware

March 23, 2026 5 min de lectura 117

The software supply chain in check: compromised Trivy images and exposed credentials

Software development security has once again been the focus of attention after a new wave of supply chain-oriented attacks: stranded versions of the Trivy vulnerability scanner, d…

DarkSword: the attack that left iPhones exposed and forced an urgent patch

Malware

March 23, 2026 5 min de lectura 116

DarkSword: the attack that left iPhones exposed and forced an urgent patch

Recently, the U.S. Infrastructure and Cybersecurity Agency (CISA) gave the order to federal agencies to urgently park three iOS vulnerabilities that were being exploited in campai…

Trivy under attack supply chain exposes credentials in pipelines

Malware

March 21, 2026 6 min de lectura 132

Trivy under attack supply chain exposes credentials in pipelines

Just a few days ago the community of developers and security teams received a disturbing news: the popular security scanner Trivy was used as a vector in a supply chain attack. Re…

CanisterWorm a self-drop worm that redefines npm security with Internet Computer canisters

Malware

March 21, 2026 6 min de lectura 136

CanisterWorm a self-drop worm that redefines npm security with Internet Computer canisters

In recent days the community of developers has received a serious alert: a chain of engagement initiated in the popular Trivy scanner seems to have derived into a wave of manipula…

FBI Phishing Alert on Encrypt Messaging Attributed to Russian Intelligence that Beats Accounts Through Linked Devices

Malware

March 20, 2026 5 min de lectura 118

FBI Phishing Alert on Encrypt Messaging Attributed to Russian Intelligence that Beats Accounts Through Linked Devices

The past FBI public notice puts in large letters something many experts were suspicious of: there are phishing campaigns that are taking account of encrypted messaging application…

When labels become dangerous: the second attack on Trivy exposes CI / CD credentials and secrets

Malware

March 20, 2026 5 min de lectura 119

When labels become dangerous: the second attack on Trivy exposes CI / CD credentials and secrets

The software supply chain again demonstrated its fragility when Trivy, the popular open source vulnerability scanner maintained by Aqua Security, suffered a second commitment in a…

Oracle critical patch fixes remote code execution vulnerability without authentication in Identity Manager and Web Services Manager CVE 2026 21992

Malware

March 20, 2026 4 min de lectura 141

Oracle critical patch fixes remote code execution vulnerability without authentication in Identity Manager and Web Services Manager CVE 2026 21992

Oracle has published an off-schedule patch to correct a critical failure that allows the remote code execution without authentication in two corporate components: Identity Manager…

CVE-2026-33017 in Langflow: remote execution of code without authentication and operation in only 20 hours

Malware

March 20, 2026 5 min de lectura 116

CVE-2026-33017 in Langflow: remote execution of code without authentication and operation in only 20 hours

A serious security failure in Langflow recently put an uncomfortable reality on the table again: open tools for building and orchestrating IA models are now attractive targets for…

Red Alert: Cisco FMC is already being exploited with CVE-2026-20131; CISA orders patch or disconnection before March 22

Malware

March 20, 2026 4 min de lectura 133

Red Alert: Cisco FMC is already being exploited with CVE-2026-20131; CISA orders patch or disconnection before March 22

The U.S. Infrastructure and Cybersecurity Security Agency (CISA) has ordered federal agencies to urgently address the most serious vulnerability in the Cisco firewall management s…

Explore RadarBytes

Malware

The software supply chain in check: compromised Trivy images and exposed credentials

DarkSword: the attack that left iPhones exposed and forced an urgent patch

Trivy under attack supply chain exposes credentials in pipelines

CanisterWorm a self-drop worm that redefines npm security with Internet Computer canisters

FBI Phishing Alert on Encrypt Messaging Attributed to Russian Intelligence that Beats Accounts Through Linked Devices

When labels become dangerous: the second attack on Trivy exposes CI / CD credentials and secrets

Oracle critical patch fixes remote code execution vulnerability without authentication in Identity Manager and Web Services Manager CVE 2026 21992

CVE-2026-33017 in Langflow: remote execution of code without authentication and operation in only 20 hours

Red Alert: Cisco FMC is already being exploited with CVE-2026-20131; CISA orders patch or disconnection before March 22

Disable your ad blocker

Malware

Manage your cookies