Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more ...

Open models were supposed to democratize artificial intelligence. Instead, security researchers now say they are handing cybercriminals industrial grade tools that can be downloaded, modified, and ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...

Cloud collaboration, macro security, and new tools like Office Scripts, Power Query, and Python are pushing VBA to the ...

Origami Linux was conceived in 2021, which makes it relatively new for an operating system. The goal behind this distribution was to create something beautiful and secure. To achieve that, the ...

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...

We’ve recently seen how ChatGPT was used to trick Mac users into installing MacStealer, and now a different tactic has been found to persuade users to install a version of MacSync Stealer. The Mac ...

Ever since reporting earlier this year on how easy it is to trick an agentic browser, I've been following the intersections between modern AI and old-school scams. Now, there's a new convergence on ...