Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-20 22:00 PDT
- GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News • 2026-05-20 21:27 • thehackernews.com
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers’ systems was hacked in the
https://thehackernews.com/2026/05/github-internal-repositories-breached.html - Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
The Hacker News • 2026-05-20 20:44 • thehackernews.com
Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure.
The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database abstraction API that is
https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html - ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
SANS ISC Diary (full) • 2026-05-20 19:00 • isc.sans.edu
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
https://isc.sans.edu/diary/rss/33000 - Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers
Graham Cluley • 2026-05-20 16:04 • grahamcluley.com
A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we’ve heard all year.Meanwhile, owners of $4,000 robot lawnmowers are discovering that their gadget can be hijacked over the internet, redirected at journalists who foolishly lie down in front of it, and used to harvest Wi-Fi passwords, email addresses, and GPS coordinates. Change the default password? Sure – until the next firmware update silently resets it back.
Plus – don’t miss o…
https://grahamcluley.com/smashing-security-podcast-468/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
