Attackers are using GitHub as a malware distribution channel by mass-cloning legitimate repositories and injecting trojans, thereby compromising developer supply chains.
Vulnerabilities CVE-2026-55200 (CVSS 9.2) and CVE-2026-55199 (CVSS 8.2) in libssh2 1.11.1 and older versions require immediate patching, but the fixes are not yet available in official releases.
German companies often suffer financial damage from cyberattacks on the same day, while recovery takes days – yet cybersecurity remains predominantly an IT task rather than a top-management priority.
Microsoft 365 Copilot contains multiple remotely exploitable vulnerabilities that allow unauthenticated attackers to perform privilege escalation, command injection, and data access.
Holiday-related reductions in IT team capacity and longer response times make companies more vulnerable to identity attacks during summer months, particularly when compromised credentials and AI-powered phishing messages are deployed.
VMware Tanzu Spring Framework is affected by multiple vulnerabilities that enable privilege escalation, remote code execution, denial of service, and additional attack scenarios.
Attackers exfiltrate FortiGate device configurations, crack SHA-256-hashed admin passwords offline, and gain administrative access without exploiting a new vulnerability.