The Leader in Cloud Security Research

A stylized graphic of a distorted pull request from GitHub on top of ominous clouds

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Executive Summary What is GitHub Codespaces? GitHub Codespaces is a cloud-hosted developer environment that lets users spin up fully configured Visual Studio Code instances in minutes. It integrates tightly with repositories and supports devcontainers for reproducible environments. From a usability perspective, this makes onboarding and collaboration seamless. Developers can review pull requests, test code, or …

February 04, 2026
By Roi Nisimi

Latest

All Latest

Discovered Vulnerabilities

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Executive Summary What is GitHub Codespaces? GitHub Codespaces is a cloud-hosted developer environment that lets users spin up fully configured Visual Studio Code instances in minutes. It integrates tightly with repositories and supports devcontainers for reproducible environments. From a usability perspective, this makes onboarding and collaboration seamless. Developers can review pull requests, test code, or …

February 04, 2026
By Roi Nisimi

New runC Vulnerabilities Expose Docker and Kubernetes to Container Escape Attacks

November 10, 2025

A stylized graphic of the word CVE Alert next to a broken cog

CVE-2025-59287 Explained: Critical WSUS RCE Vulnerability Actively Exploited

October 26, 2025

A stylized graphic of a pull request from GitHub with a hole in it and data leaking out

pull_request_nightmare Part 2: Exploiting GitHub Actions for RCE and Supply Chain

September 30, 2025

A stylized graphic showing a pull request window with malicious code

pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks

September 24, 2025

All Discovered Vulnerabilities

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Latest

Critical RCE in vLLM Allows Server Takeover via Malicious Video URL (CVE-2026-22778)

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Critical n8n Sandbox Escape Enables Remote Code Execution

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

Explore

Discovered Vulnerabilities

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

New runC Vulnerabilities Expose Docker and Kubernetes to Container Escape Attacks

CVE-2025-59287 Explained: Critical WSUS RCE Vulnerability Actively Exploited

pull_request_nightmare Part 2: Exploiting GitHub Actions for RCE and Supply Chain

pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks

‘Orca Watch’ Series

Critical RCE in vLLM Allows Server Takeover via Malicious Video URL (CVE-2026-22778)

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Critical n8n Sandbox Escape Enables Remote Code Execution

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

Microsoft Office Zero-Day Actively Exploited – Emergency Patches Released

Technical Deep Dives

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

The Five Most Common AI Model Risks and How to Prevent Them

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Thought Leadership

Where to Start Your Cloud Security Program: CSPM, CWPP, or Runtime Data? A Modern Guide to CNAPP Maturity

The Cloud's Year-End Confessions: What Really Happened in 2025

OWASP Top 10 2025: Key Changes and What They Mean for Application Security

Part 2: Attackers Love Your GitHub Actions Too

Part 1: Attackers Love Your GitHub Actions Too

In the News

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2025 State of Cloud Security Report: Hunting threats in the age of relentless risk

Featured

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

Latest

Critical RCE in vLLM Allows Server Takeover via Malicious Video URL (CVE-2026-22778)

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Critical n8n Sandbox Escape Enables Remote Code Execution

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

Discovered Vulnerabilities

Hacking GitHub Codespaces via VS Code Defaults: A Supply-Chain Attack Vector

New runC Vulnerabilities Expose Docker and Kubernetes to Container Escape Attacks

CVE-2025-59287 Explained: Critical WSUS RCE Vulnerability Actively Exploited

pull_request_nightmare Part 2: Exploiting GitHub Actions for RCE and Supply Chain

pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks

‘Orca Watch’ Series

Critical RCE in vLLM Allows Server Takeover via Malicious Video URL (CVE-2026-22778)

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Critical n8n Sandbox Escape Enables Remote Code Execution

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

Microsoft Office Zero-Day Actively Exploited – Emergency Patches Released

Technical Deep Dives

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

The Five Most Common AI Model Risks and How to Prevent Them

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Thought Leadership

Where to Start Your Cloud Security Program: CSPM, CWPP, or Runtime Data? A Modern Guide to CNAPP Maturity

The Cloud's Year-End Confessions: What Really Happened in 2025

OWASP Top 10 2025: Key Changes and What They Mean for Application Security

Part 2: Attackers Love Your GitHub Actions Too

Part 1: Attackers Love Your GitHub Actions Too

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2025 State of Cloud Security Report: Hunting threats in the age of relentless risk