Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in ...

The Russian military is once again hacking home and small office routers in widespread operations that send unwitting users ...

A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile ...

Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication ...

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...