poisoned-nx-console-vscode-breach-github-3800-repos
A malicious Nx Console update exposed developer credentials and led to the loss of 3,800 GitHub internal repos; practical, Monday morning actions and ISO fit.
A malicious Nx Console update exposed developer credentials and led to the loss of 3,800 GitHub internal repos; practical, Monday morning actions and ISO fit.
Penalties provisions for late payment and repayment interest under Finance Act 2009 Sections 101 and 102 come into force, elevating compliance expectations across UK organisations.
A practical guide to keeping management system documents accurate, current and usable.
A libzypp plugin loading flaw (CVE-2026-44933) can make chroot to ‘/’ a no-op, allowing plugin paths to execute host binaries like /bin/bash with root privileges; reported 57 minutes ago.
Explains 2026 sanctions amendments and actions for governance, risk and compliance.
MLflow 3.9.0’s Assistant /ajax-api improper origin validation lets a malicious webpage enable full access and execute arbitrary commands via the Claude Code sub-agent; fixed in 3.10.0, patch now.
The amendment adds hantavirus to the notifiable diseases list in England, expanding reporting duties for organisations.
Creartia’s ICMS has a critical authorisation bypass (CVE-2026-4320) that could let attackers manipulate HTTP redirect headers to gain unauthorised admin access; patch, isolate and audit immediately.
Northern Ireland explosives precursors amendment and its implications for regulatory compliance under UK health and safety law.
CVE-2026-8719 in AI Engine 3.4.9 allows authenticated Subscriber+ users to escalate to Administrator via missing capability checks in the MCP OAuth bearer-token path; check versions, revoke tokens, patch or remove the plugin.
CVE-2026-45672: Open WebUI’s /api/v1/utils/code/execute allows arbitrary Python execution even when ENABLE_CODE_EXECUTION=false; fixed in 0.8.12.
CVE-2026-8532 is an XML integer overflow in Google Chrome prior to 148.0.7778.168 that can lead to arbitrary code execution inside the sandbox; reported ~2 hours ago, apply vendor updates and follow incident playbooks.
Let’s start your compliance journey together.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.