MUST READ

Digital attacks drive a new wave of cargo theft, FBI says

 | 

Carding service Jerry’s Store leak exposes 345,000 stolen payment cards

 | 

Anthropic launches Claude Security to counter rapid AI-Powered exploits

 | 

SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

 | 

Copy Fail: New Linux bug enables Root via page‑cache corruption

 | 

Agent’s claims on WhatsApp access spark security concerns

 | 

Meta accused of violating DSA by failing to safeguard minors

 | 

Large-scale Roblox hacking operation shut down by Ukrainian authorities

 | 

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

 | 

Internet censorship index reveals Russia’s lead and widespread content blocking

 | 

All supported cPanel versions hit by critical auth bug, now patched

 | 

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

 | 

ShinyHunters exploit Anodot incident to target Vimeo

 | 

CVE-2026-3854 GitHub flaw enables remote code execution

 | 

Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

 | 

Microsoft fixes Entra ID flaw enabling privilege escalation

 | 

New Android spyware Morpheus linked to Italian surveillance firm

 | 

NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

 | 

Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

 | 

Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

 | 

PHP Composer

Pierluigi Paganini April 15, 2026
PHP Composer flaws enable remote command execution via Perforce VCS

Two high-severity flaws in PHP Composer could let attackers run arbitrary commands via malicious repository configs and crafted inputs affecting Perforce VCS. Two high-severity vulnerabilities in PHP Composer could allow attackers to execute arbitrary commands. PHP Composer is a dependency manager for PHP that helps developers install and manage libraries their projects need. By defining […]

Pierluigi Paganini April 29, 2021
Command injection flaw in PHP Composer allowed supply-chain attacks

A vulnerability in the PHP Composer could have allowed an attacker to execute arbitrary commands and backdoor every PHP package. The maintainers of the PHP Composer package have addressed a critical vulnerability, tracked as CVE-2021-29472, that could have allowed an attacker to execute arbitrary commands and establish a backdoor in every PHP package. Composer is the major […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Digital attacks drive a new wave of cargo theft, FBI says

Cyber Crime / May 01, 2026

Carding service Jerry’s Store leak exposes 345,000 stolen payment cards

Cyber Crime / May 01, 2026

Anthropic launches Claude Security to counter rapid AI-Powered exploits

Artificial Intelligence / May 01, 2026

SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

Security / May 01, 2026

Copy Fail: New Linux bug enables Root via page‑cache corruption

Hacking / April 30, 2026