> TritonInfoSec News
Home / Jun 18, 2026 / Story
0
#8 The Record threat-intel June 16, 2026 at 23:00 UTC

GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say

AI Summary

GitHub dismissed two formal vulnerability reports identifying design flaws that researchers say are now being actively exploited by variants of the Shai-Hulud supply-chain worm, which has infected hundreds of software packages and developer accounts globally. The platform's failure to act on reported design flaws before weaponization raises significant questions about responsible disclosure workflows at major code hosting providers.

Read full article → https://therecord.media/github-dismissed-reports-s…

Relevance score: 80.0/100

# More from June 18

  1. 1
    Massive breach spills credentials for thousands of sensitive networks Ars Technica Security
  2. 2
    FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices. BleepingComputer
  3. 3
    Critical Fortinet FortiSandbox flaws now exploited in attacks BleepingComputer
  4. 4
    Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development The Hacker News
  5. 5
    144 Mastra npm Packages Compromised via Hijacked Contributor Account The Hacker News
  6. 6
    CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution The Hacker News
  7. 7
    Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack SecurityWeek
  8. 9
    Critical Copilot vulnerability allowed hackers to seal 2FA code from users Ars Technica Security
  9. 10
    Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats The Hacker News