Mallory

The signal that matters.

Cutting through advisories, vendor PSIRTs, researcher write-ups, and the underground — correlated, deduped, and ranked so your team only sees what moves the needle.

Updated 16h ago

GitHub Internal Repositories Breached Through Malicious VS Code Extension

GitHub confirmed that attackers accessed and exfiltrated data from internal repositories after an employee device was compromised by a trojanized Visual Studio Code extension obtained through the official marketplace. The company said it detected and contained the intrusion, isolated the affected endpoint, removed the malicious extension version, rotated critical secrets and credentials, and began continuous log analysis and incident response. GitHub’s current assessment is that the breach affected only GitHub-internal repositories, with no confirmed evidence that public repositories, customer-hosted repositories, or customer data stored outside those repositories were compromised.

Timeline
  • yesterday: Researchers tie TeamPCP to broader supply-chain malware activity
  • yesterday: GitHub publicly confirms investigation into internal repository breach
16 sources · Updated 3h ago
Also trending
ISC Patches Six BIND 9 Flaws Including DoH Use-After-Free and DoS Bugs

Internet Systems Consortium (ISC) disclosed six vulnerabilities in BIND 9 and released patched versions 9.18.49, 9.20.23, and 9.21.22. The issues include CVE-2026-3039, a high-severity memory-exhaustion flaw during GSS-API TKEY negotiation that can crash named; CVE-2026-3593, a high-severity heap use-after-free in the DNS-over-HTTPS implementation triggered by crafted HTTP/2 traffic; CVE-2026-3592, an amplification issue involving self-pointed glue records that can drive disproportionate bandwidth and resource consumption; CVE-2026-5947, a race condition in SIG(0) validation under query-flood conditions that can lead to undefined behavior and process crashes; plus additional flaws involving invalid handling of CLASS != IN and an unbounded resend loop in the resolver.

7 · Updated 3h ago
YellowKey BitLocker bypass and GreenPlasma Windows LPE disclosed publicly

An anonymous researcher using the aliases Nightmare-Eclipse and Chaotic Eclipse publicly released details for two alleged Microsoft zero-days, YellowKey and GreenPlasma, adding to a string of earlier disclosures that included BlueHammer, RedSun, and UnDefend. YellowKey is described as a BitLocker bypass that requires physical access and a USB device, allowing an attacker to reboot into the Windows Recovery Environment (WinRE) and gain access to an encrypted drive; reporting said the technique was independently reproduced. Public materials claim the issue affects Windows 11 and Windows Server 2022/2025, while Windows 10 is not affected.

20 · Updated 18h ago
FBI Says Crypto ATM Scams Drove More Than $388 Million in U.S. Losses

The FBI said Americans lost more than $388 million to scams involving cryptocurrency kiosks in 2025, based on more than 13,400 complaints filed with the Internet Crime Complaint Center. The bureau said fraudsters commonly instruct victims to withdraw cash, visit a crypto ATM, and transfer funds to attacker-controlled wallets, with complaints rising 23% and losses increasing 58% from the prior year. People over 50 accounted for more than half of the complaints and reported over $302 million in losses, while Texas, Florida, and California together logged more than 3,300 complaints and about $112 million in estimated losses.

6 · Updated 8h ago
