تعرضت منصة GitHub لهجوم إلكتروني كبير تضمن عمليات إيداع برمجيات خبيثة. وقد أثرت عملية Megalodon على أكثر من 5000 مستودع.
أدى الهجوم على المنصة إلى توزيع تعليمات برمجية ضارة من خلال عمليات الإيداع (commits) في عدد كبير من المستودعات. وقد تم تحديد الهجوم باعتباره تقليداً لحملة سابقة تُعرف باسم TeamPCP.
من إعداد الذكاء الاصطناعي صورة مولدة بواسطة الذكاء الاصطناعي
A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.
Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.
من إعداد الذكاء الاصطناعي
Attackers have created a fake OpenAI repository on Hugging Face that has reached the top spot but installs infostealer malware.
A new report indicates that most companies have released software containing known security flaws. The problem is especially pronounced with AI-created code, which exceeds the speed of manual fixes.
من إعداد الذكاء الاصطناعي
Developer platform Socket has identified a malware known as TrapDoor that is targeting crypto and AI developers.