CYBER ATTACK

Ransomware makers are noisy by nature because they have to quickly change a lot of files while they encrypt them This article explores ransomware makers.

Cybersecurity experts have found a big spying operation in the Middle East that is going after journalists, politicians, and members of civil society This.

The GlassWorm hackers have gotten even better at what they do This article explores glassworm hackers gotten. . This attack is aimed at people who use.

Google has added mobile devices to Gmail's end-to-end encryption (E2EE) features This article explores devices gmail. . With client-side encryption (CSE).

A complicated social engineering campaign is going after important open-source developers in the Node.js community. Security experts think that this is.

On March 31, a source code leak happened that revealed 59.8 MB of TypeScript source map and 512K lines of code. There was then a window of time between the.

A big attack on the JavaScript ecosystem's software supply chain has happened because a bad dependency was added to the axios NPM package, which is used.

The state-sponsored hacking group MuddyWater has changed its business model and now uses a Russian-made malware-as-a-service platform This article.

Hewlett-Packard Enterprise has found a security hole in its Aruba Networking Private 5G Core On-Prem platform This article explores hpesbnw05032 security.

Discover how Cybercriminals are taking advantage of the buzz around BTS's long-awaited return to the world stage. The scam has already reached nine.

Since at least 2022, a targeted mobile spying campaign has been going on in the Middle East without anyone knowing This article explores indian government.

Hackers could secretly steal sensitive data from private repositories because of a serious flaw in GitHub Copilot Chat This article explores exploit.

GitHub and GitLab are very important for making software these days This article explores trusted github gitlab. . A lot of security tools don't block.

Iranian-backed advanced persistent threat (APT) actors are actively going after Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs).

Hackers can use third-party API routers to take over tool calls, steal cryptocurrency wallets, and steal sensitive credentials on a large scale This.

The JFrog security research team has found a complex and harmful PyPI package called Hermes-px. It is sold as a "Secure AI Inference Proxy" that sends.

The Security Alliance stopped 164 internet domains that were linked to a North Korean hacking group known as UNC1069 This article explores attacks web.

Seven new types of BPFDoor malware have been found This article explores types bpfdoor malware. . The malware is a backdoor at the kernel level that stops.

A viral video shows a new and surprisingly easy way to find North Korean state-sponsored IT workers trying to get into Western companies. The video shows.

A new attack campaign is actively going after open-source repositories on GitHub by hiding harmful code in normal CI build configurations This article.

Discover how OpenSSL has put out a security update for April 2026 that fixes seven holes. If you have a vulnerable version of OpenSSL 3.x, you should.

Written in Python 3, METATRON is an open-source framework for penetration testing This article explores metatron open source. . It combines automated.

Discover how Cybercriminals are taking advantage of people's growing worries about the availability of LPG cylinders by sending out false messages on SMS.

On March 30, 2026, a big JavaScript library was turned into a weapon This article explores attackers poison axios. . Attackers put poison in Axios' npm.

On April 1, 2026, a huge theft happened on the largest decentralized perpetual futures exchange on the Solana blockchain This article explores korea.

After threat actors used the ILSpy WordPress domain on April 6, 2026, a new supply chain attack went after developers. Instead of giving visitors real.

A targeted attack on the official WordPress site for ILSpy, a popular open-source .NET decompiler used by developers, has made it possible for malware to.

Discover how In 2025, Google broke previous payout records for the Vulnerability Reward Program (VRP) on its 15th anniversary. The tech giant gave $17.

Google is making a big change to its Chrome browser that will improve how well audio and video elements load slowly by default This article explores.

Discover how A complex phishing campaign is going after businesses in South Korea. It uses bad Windows shortcut (LNK) files and GitHub as a secret Command.