Skip to main content
RuntimeRebel

All Articles

Security Intelligence

2161 articles · Updated every 4 hours

Advertisement

SU
HIGH
Supply Chain

Laravel Lang Hijack: Supply Chain Attack via Malicious GitHub Tags

Analysis of the Laravel Lang supply chain attack involving malicious GitHub tags v13.8.1 and v13.8.2 used to steal environmental secrets and credentials.

Runtime Rebel Intel
4 min read·May 24, 2026
Packagist Supply Chain Attack: 8 Packages Deliver Linux Malware
HIGH
Supply Chain

Packagist Supply Chain Attack: 8 Packages Deliver Linux Malware

Security researchers identified a supply chain attack on Packagist involving eight infected packages that deploy Linux malware via GitHub Releases URLs.

Runtime Rebel Intel
3 min read·May 23, 2026
npm Staged Publishing: New 2FA Controls Prevent Supply Chain Attacks
MEDIUM
Supply Chain

npm Staged Publishing: New 2FA Controls Prevent Supply Chain Attacks

GitHub introduces staged publishing for npm, requiring manual 2FA approval for package releases to mitigate malicious automated updates and account takeovers.

Runtime Rebel Intel
3 min read·May 23, 2026
TH
MEDIUM
Threat Intel

Italy Dismantles CINEMAGOAL App for Streaming Auth Token Theft

Italian authorities dismantled the CINEMAGOAL piracy app, which harvested authentication tokens and session cookies from users to access streaming services.

Runtime Rebel Intel
3 min read·May 23, 2026
Anthropic Project Glasswing Uncovers 10,000 High-Severity Flaws
HIGH
Vulnerabilities

Anthropic Project Glasswing Uncovers 10,000 High-Severity Flaws

Anthropic's Claude Mythos AI identifies over 10,000 critical and high-severity vulnerabilities in systemically important software via Project Glasswing.

Runtime Rebel Intel
3 min read·May 23, 2026
VU
HIGH
Vulnerabilities

Underminr Vulnerability: Bypassing DNS Filtering via Trusted Domains

The Underminr vulnerability affects 88 million domains, allowing attackers to hide C2 traffic and bypass DNS filtering using shared infrastructure.

Runtime Rebel Intel
4 min read·May 23, 2026
Laravel-Lang PHP Packages Compromised: Credential Stealer Alert
HIGH
Supply Chain

Laravel-Lang PHP Packages Compromised: Credential Stealer Alert

Multiple Laravel-Lang PHP packages have been compromised to deliver a cross-platform credential stealer. Learn how to detect and mitigate this supply chain threat.

Runtime Rebel Intel
4 min read·May 23, 2026
MA
INFO
Malware

Obfuscating Strings in C++ Implants: Detection and Analysis

Analyze how stack strings help malware authors evade static analysis. Explore the assembly-level mechanics and detection strategies for Windows implants.

Runtime Rebel Intel
4 min read·May 23, 2026
CVE-2026-9082: Drupal Core SQL Injection Added to CISA KEV Catalog
HIGH
Vulnerabilities

CVE-2026-9082: Drupal Core SQL Injection Added to CISA KEV Catalog

CISA warns of active exploitation of CVE-2026-9082, a critical SQL injection vulnerability in Drupal Core. Organizations must patch to prevent data exposure.

Runtime Rebel Intel
3 min read·May 23, 2026
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation - Patch Now
CRITICAL
Vulnerabilities

CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation - Patch Now

Exploitation of CVE-2026-48172 in the LiteSpeed cPanel plugin allows local users to gain root access. Organizations should update to version 1.2.2 immediately.

Runtime Rebel Intel
3 min read·May 23, 2026
TH
INFO
Threat Intel

Measuring AI Security Operations Performance: 3 KPIs for SOC Leaders

Establish clear metrics for AI-enabled security success. Learn how to track MTTR, FTE efficiency, and adoption to optimize your SOC and defensive posture.

Runtime Rebel Intel
3 min read·May 23, 2026
VU
CRITICAL
Vulnerabilities

ABB B&R Automation Studio <6.5: Multiple Critical SQLite Vulnerabilities

Critical SQLite vulnerabilities in ABB B&R Automation Studio <6.5 expose ICS to RCE, data exposure, and unauthorized access. Update to version 6.5 immediately.

Runtime Rebel Intel
4 min read·May 23, 2026