Daily Signal - page 5 | 0day.digest

Wednesday, May 20, 2026

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

supply-chain · npm · malware

Unit 42: TamperedChef Clusters Deliver Stealthy Payloads via Trojanized Productivity Apps

malware · supply-chain · phishing

GitHub Confirms 3,800 Internal Repos Breached via Malicious VS Code Extension

supply-chain · github · malware · data-breach

ExifTool CVE-2026-3102: Malicious Image File Triggers macOS Compromise

cve · vulnerability · rce · macos

Tuesday, May 19, 2026

Grafana Labs Source Code Exposed via GitHub Breach Linked to TanStack npm Attack

supply-chain · github · data-breach · grafana · npm

Google Releases Gemini 3.5 Flash to General Availability at I/O 2026

ai-launch · model-release · google

Windows Zero-Day Barrage: YellowKey, GreenPlasma, and MiniPlasma Disclosed Post-Patch Tuesday

zero-day · vulnerability · cve · microsoft

Google Launches Gemini 3.5 Flash — Agentic Model Built to Execute Complex Tasks

ai-launch · model-release · google · llm