Vulnerability
News
2026-05-30
CISA Urges Security Teams to Audit Software Development Pipelines After Megalodon Supply‑Chain Attack
CISA warns about Megalodon supply-chain attack injecting malicious GitHub Actions into 5,500+ repositories and compromise via poisoned Nx Console VS Code extension, urging security teams to audit workflows and rotate credentials.
cybersecurity
supply-chain
GitHub
CISA
Megalodon
News
2026-05-24
Critical Linux Kernel Cryptographic Template Bug (CVE-2026-31431) Lets Local Users Escalate to Root via Page‑Cache Write
A newly disclosed logic flaw in the kernel’s cryptographic copy‑on‑write mechanism allows any local user to overwrite arbitrary readable files, opening a straightforward path to root privilege escalation.
cve
linux-kernel
privilege-escalation
security
vulnerability