Recently, a trusted government advisory highlighted a ransomware campaign that used an unpatched remote monitoring and management tool to breach a utility billing software provider. If your organization uses RMM or other remote access tools, this is a reminder to… Read More »Ransomware Attacks Exploiting Unpatched RMM: What You Need to Do Now
A single compromised npm package exposed source code and reminded us that software supply chains matter for dashboards, apps, and teams of all sizes. Grafana Labs confirmed a breach linked to a TanStack npm supply-chain incident and said there was… Read More »Grafana breach highlights supply-chain risk and practical steps to protect your dashboards
If you rely on Atlassian’s Jira or Confluence to keep your team aligned, a new security bulletin landed this week with a big punch: 39 high-severity vulnerabilities across Atlassian products and three critical-severity third-party flaws. The bulletin was published on… Read More »Atlassian May 19, 2026 Security Bulletin: Dozens of high-severity vulnerabilities require urgent patching
Eight new vulnerabilities have been added to the U.S. government’s Known Exploited Vulnerabilities (KEV) catalog. This is a clear signal that attackers are actively exploiting these flaws in the wild, and it affects organizations big and small—including those who run… Read More »CISA Adds Eight Exploited Flaws to KEV Catalog: What You Need to Do Now
You’re coding in VS Code, and a trusted extension could become a doorway for attackers. In the last 24 hours, security researchers flagged a compromised NX Console extension published to the Visual Studio Code Marketplace that could harvest credentials. This… Read More »Supply-chain alert: Compromised NX Console extension in VS Code Marketplace
If you or your team rely on the Nx Console extension for VS Code, a recent supply-chain blip is worth a quick check-in. A version of the Nx Console extension briefly appeared in the Visual Studio Code Marketplace with a… Read More »Nx Console supply chain risk: what developers should do now
When a global brand makes headlines over a potential data breach, it’s a reminder that security matters for everyone. Recent reports suggest Nike is investigating a potential breach after a threat actor claimed to have exfiltrated about 1.4 terabytes of… Read More »Nike reportedly investigates potential data breach amid 1.4 TB exfiltration claim
If you build software with VS Code, a trusted extension just became a risk you’ll want to understand and act on today. What happened A compromised version of the Nx Console extension (18.95.0) was published to the Visual Studio Code… Read More »Compromised Nx Console VS Code extension highlights software supply chain risk
If you rely on extensions in your development workflow, a breach in a single tool can ripple through your entire build process. Recently, a compromised version of the Nx Console extension for Visual Studio Code was published to the VS… Read More »Nx Console VS Code Extension Breach Highlights Software Supply Chain Security
Phishing isn’t going away—it’s getting a little smarter. In the last 24 hours, security researchers have pointed to ongoing credential phishing campaigns that mimic familiar services and use convincing login pages to harvest usernames and passwords. The tactics are evolving,… Read More »Phishing campaigns are evolving: practical steps to defend today