DevOps Security Archives • Daily CyberSecurity

Supply Chain Storm: Over 700 Laravel Lang Versions Poisoned with Malicious RCE Backdoor Laravel Lang Supply Chain Attack laravel-lang RCE Backdoor

Laravel Lang Supply Chain Attack laravel-lang RCE Backdoor

Supply Chain Storm: Over 700 Laravel Lang Versions Poisoned with Malicious RCE Backdoor

Ddos May 23, 2026

A major software supply-chain storm is brewing in the PHP ecosystem. Security firm Socket has exposed a...

GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances

Ddos May 14, 2026

In a major move to secure its DevOps platform, GitLab has released important security versions for both...

New Quasar Linux (QLNX) RAT Hijacks Cloud Keys and NPM Tokens Quasar Linux RAT Supply Chain Hijacking

New Quasar Linux (QLNX) RAT Hijacks Cloud Keys and NPM Tokens

Ddos May 6, 2026

A previously undocumented Linux remote access trojan (RAT) has been exposed for its surgical precision in targeting...

Supply Chain Alert: Critical 9.4 CVSS RCE Hits Sonatype Nexus Repository Manager Nexus Repository RCE Supply Chain Security Nexus Repository Manager - CVE-2024-5082 & CVE-2024-5083

Supply Chain Alert: Critical 9.4 CVSS RCE Hits Sonatype Nexus Repository Manager

Ddos April 13, 2026

Security teams across the globe are being urged to move quickly as Sonatype has disclosed a critical...

Security Alert: GitLab Issues Patch for High-Severity Vulnerabilities Across CE and EE GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

Security Alert: GitLab Issues Patch for High-Severity Vulnerabilities Across CE and EE

Ddos April 9, 2026

GitLab has released critical security updates for Community Edition (CE) and Enterprise Edition (EE). Versions 18.10.3, 18.9.5,...

The Fatal Human Error: How One Manual Step Leaked Claude Code to the World Claude Code human error Claude AI Data Wipe, Constraining AI Tools Anthropic lawsuit, AI copyright Claude Code, web editor

Claude Code human error Claude AI Data Wipe, Constraining AI Tools Anthropic lawsuit, AI copyright Claude Code, web editor

The Fatal Human Error: How One Manual Step Leaked Claude Code to the World

Ddos April 2, 2026

Yesterday’s hemorrhage of the Claude Code source code ignited a veritable jubilee within the developer community. Subsequently,...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Checkmarx Alert: Malicious Plugins and GitHub Actions Hit OpenVSX in New Supply Chain Attack

Ddos March 24, 2026

Today, security firm Checkmarx has identified a recent supply chain security incident. The breach involved the publication...

CI/CD at Risk: High-Severity Jenkins XSS Flaw Exposes Build Environments Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

CI/CD at Risk: High-Severity Jenkins XSS Flaw Exposes Build Environments

Ddos February 19, 2026

Maintainers of Jenkins, the world’s leading open-source automation server, have issued critical security updates to address two...

GitLab Patch Alert: High-Severity Web IDE Flaw Exposes Private Repos GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Patch Alert: High-Severity Web IDE Flaw Exposes Private Repos

Ddos February 11, 2026

GitLab has released a sweeping security update for its Community (CE) and Enterprise (EE) editions, patching a...

GitLab Alert: High-Severity 2FA Bypass & DoS Flaws Patched in Urgent Update GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Alert: High-Severity 2FA Bypass & DoS Flaws Patched in Urgent Update

Ddos January 21, 2026

GitLab has released an urgent security update for its Community (CE) and Enterprise (EE) editions, patching a...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Ddos January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord NodeCordRAT NPM Supply Chain Attack

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord

Ddos January 9, 2026

The open-source ecosystem has once again been weaponized, this time targeting developers working with cryptocurrency libraries. In...

GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks

Ddos November 26, 2025

GitLab has released an important security update today affecting both its Community Edition (CE) and Enterprise Edition...