Skip to content
Security News, Assessments & Alerts Page 2

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

Ravie LakshmananJul 10, 2026Enterprise Security / Authentication A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an… 

Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain .1 Million From Cryptocurrency Wallets

Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When… 

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Ravie LakshmananJul 09, 2026Developer Security / Supply Chain Security Datadog Security Labs is warning of “several overlapping campaigns” that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. “Operators rely on… 

npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

Ravie LakshmananJul 09, 2026Supply Chain Security / DevSecOps GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor…