Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials.
The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2
SOURCE:
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine.