SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

LofyGang resurfaces with LofyStealer disguised as Minecraft hack, exfiltrating IBANs and passwords to 24.152.36[.]241, ...

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

OpenAI is mandating macOS users update ChatGPT Desktop and other apps by May 8, 2026, due to a compromised JavaScript library ...

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.

Highly sophisticated scam will leave you questioning what's real while hackers steal your crypto.

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a ...

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

Did Grindr's D.C. party mean anything?

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Manitoba is aiming to be the first province to ban youth from accessing social media and artificial intelligence chatbots, as ...