You can create a release to package software, along with release notes and links to binary files, for other people to use. Learn more about releases in our docs.

This project has not set up a SECURITY.md file yet.

Criminals are now using virtual hard disk image files to host and distribute dangerous malware, researchers from Forcepoint ...

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode ...

Cybercriminals use steganography to hide malware inside images, evading security tools and enabling stealthy attacks. Learn ...

Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attacks through ...

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat ...

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update ...

The open source tool tjactions/changed-files searched for sensitive information in the CI process with GitHub Actions and saved it in the build log.