Azure DevOps is a technology platform tracked across 7 threat clusters and 10 intelligence report mentions on ThreatCluster. First observed December 3, 2025; most recent activity July 8, 2026.
Microsoft's newly developed MDASH (Multi-Model Agentic Scanning Harness) identified 16 vulnerabilities in Windows, including four critical remote code execution (RCE) flaws. The vulnerabilities were found in key…
BeyondTrust has issued a warning regarding a critical remote code execution (RCE) vulnerability in its Remote Support and Privileged Remote Access software. The flaw, tracked as CVE-2026-1731, allows unauthenticated…
A new malware campaign is exploiting a fake OpenClaw installer to deploy the Hologram infostealer framework, which is designed to harvest credentials from over 250 crypto wallet and password manager browser extensions.…
Accenture has confirmed a data breach involving the theft of approximately 35 GB of sensitive data, including source code, RSA keys, SSH keys, and Azure access tokens. The breach was claimed by a hacker known as '888',…
The CI/CD Abuse Detector is an open-source tool designed to identify suspicious changes in CI/CD pipelines. It utilizes a large language model to analyze modifications in workflows on platforms like GitHub Actions,…
A new wave of the Shai-Hulud malware has compromised nearly 500 npm packages, affecting over 26,000 GitHub repositories. This self-replicating worm, which targets developers' credentials and secrets, has been linked to…
Sonatype introduces Golden Pull Requests to automate the remediation of open source vulnerabilities. This method streamlines the traditional manual process of addressing security issues in software dependencies. By…