RubyGems Pauses Signups After Malicious Package Attack
RubyGems disabled new account registration after reports of hundreds of malicious packages, making recent Ruby dependency changes and CI caches worth immediate review.
News desk
Security incidents, exploited vulnerabilities, breach reports, malware campaigns, and urgent patch notes arranged for fast daily scanning.
July 15, 2026
RubyGems disabled new account registration after reports of hundreds of malicious packages, making recent Ruby dependency changes and CI caches worth immediate review.
Attackers are exploiting cPanel & WHM CVE-2026-41940 to deploy a Filemanager backdoor, steal credentials, and maintain access on hosting servers.
Operation HookedWing used GitHub Pages, compromised servers, and staged redirects to target more than 500 organizations with credential phishing.
Dirty Frag chains Linux kernel bugs into local root escalation. The practical risk is post-compromise: a low-privilege foothold can become full host control.
A Canadian smishing campaign sends etr-invspt.ca SMS links that redirect to inc-gdep.com, a fake Interac deposit page impersonating Government of Canada and banks.
PamDOORa is a Linux PAM-based backdoor marketed for persistent OpenSSH access and credential theft. The cleanup problem is deeper than one password reset.
A Google Ads malvertising campaign used fake Claude Code install pages and terminal commands to deliver MacSync Stealer, targeting Keychain data, SSH keys, AWS…
Cyera disclosed Bleeding Llama, an Ollama memory-leak flaw that can expose prompts, environment variables, API keys, and tool output from exposed local LLM servers.
Poland's ABW says hackers breached control systems at five water treatment plants, exposing how weak remote access and internet-facing OT can become a public-service…