TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

Blog

Byadmblake May 15, 2026

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. “Upon identification of the malicious activity, we worked quickly to investigate, contain,…

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner.
“Upon identification of the malicious activity, we worked quickly to investigate, contain, and take steps to

Blog

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow…

Read More CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
Blog

Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler

Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered in a binary named “schtasks.exe,” which enables an administrator to create, delete,…

Read More Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Blog

Debunking the AI Hype: Inside Real Hacker Tactics

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which analyzed over one million malware samples, there’s been no significant surge, so far, in AI-driven attacks. Yes, adversaries are definitely continuing to innovate, and while…

Read More Debunking the AI Hype: Inside Real Hacker Tactics
Blog

Browser Extension Harvests 8M Users’ AI Chatbot Data

Urban VPN Proxy, which claims to protect users’ privacy, collects data from conversations with ChatGPT, Claude, Gemini, Copilot and other AI assistants.

Read More Browser Extension Harvests 8M Users’ AI Chatbot Data
Blog

Virgin Media 02 Vuln Exposes Call Recipient Location

A hacker exploiting the security flaw in the mobile provider’s network could have potentially located a call recipient with accuracy of up to 100 square meters.

Read More Virgin Media 02 Vuln Exposes Call Recipient Location
Blog

GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and…

Read More GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities

Related