Cybercriminals are increasingly prioritizing speed and scalability over technical sophistication. Rather than crafting highly ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring ...

DNS text records and a PowerShell script is the latest absurd way someone has managed to get the iconic first-person shooter ...

What's next, a literal potato? Oh yeah. Done that.

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

Malicious ads are pushing fake Homebrew installers to Mac users, and the attack relies on trusting the first Google search result.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...