Aggregator

You must login to view this content

The PostgreSQL Global Development Group has released critical security updates for all supported branches, fixing 11 vulnerabilities, including arbitrary code execution and several SQL injection flaws. PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 have been released as security and maintenance updates. These minor versions address 11 CVEs plus more than 60 bugs reported over the […]

The post Critical PostgreSQL Vulnerabilities Enables Code Execution and SQL Injections appeared first on Cyber Security News.

New York, United States, May 19th, 2026, CyberNewswire New research shows identity dark matter continues to expand and erode enterprise identity, resulting in a fragile foundation for agent AI readiness and adoption Orchid Security, the company solving identity at its core, today released its Identity Gap: 2026 Snapshot report, revealing that the majority of enterprise […]

The post Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report appeared first on Cyber Security News.

A sophisticated npm supply chain campaign dubbed Mini Shai-Hulud has claimed over 600 package versions overnight, with security researchers at Socket and Endor Labs identifying 639 compromised package versions across 323 unique packages in the latest wave. The bulk of the activity targeted the @antv ecosystem, alongside packages under @lint-md, @openclaw-cn, and @starmind scopes. Malicious […]

The post 600+ npm Packages Compromised in New Mini Shai-Hulud Supply Chain Attack appeared first on Cyber Security News.

Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines.

The post Mini Shai-Hulud returns, compromising hundreds of npm packages appeared first on CyberScoop.