The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...

Rare brain leak made it feel like my head had exploded

"I felt like my head was going to explode then surprisingly it actually did," said Dr Hard, from Rudry near Caerphilly. She was rushed to hospital, where she would spend the next month and would ...

CrowdStrike acquires browser security startup Seraphic Security for $400M

CrowdStrike plans to integrate Seraphic’s technology with its flagship Falcon cybersecurity platform. The development effort ...
Cybernews

AWS dodges massive cyber disaster: every account was in danger

Wiz Research discovered and responsibly disclosed a critical vulnerability in AWS CodeBuild that could have led to a massive platform-wide compromise.

DeepSeek V4 Leaked : Coding-First Model Aims at Devs with New Memory & Reasoning AI

Rumors suggest two DeepSeek V4 options, a flagship for long coding and a lighter build, so teams can ship multi-file updates ...
Bleeping Computer

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the ...
Infosecurity Magazine

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, ...