A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

The first big risk? A trademark lawsuit from Anthropic, which forced a name change late last night to Moltbot. Whatever it's called, giving an AI near-total access to your digital life is dicey.

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...

Telnet is an old network protocol that allows users to remotely log into devices. Because it is outdated and insecure, it is not supposed to be exposed to the internet anymore, but hundreds of ...

Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today's ransomware groups weaponize stolen data and pressure ...

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...