Multiple threat actors are abusing the GitHub API to discover organizations’ repositories and members via ghost accounts.
A threat actor is targeting organizations across multiple sectors in voice-enabled attacks involving Microsoft 365 phishing ...
The GigaWiper backdoor combines several malware families and can sabotage systems using a wiper, encryption, and wiping ...
A new attack technique dubbed HalluSquatting turns AI assistants’ tendency to hallucinate into a scalable infection vector.
Accenture confirmed a data breach after a hacker claimed to steal 35GB of internal data, including source code and ...
UAT-7810, the Chinese APT behind a prolonged espionage infrastructure campaign, has added new backdoors to its arsenal.
UK unveils Cyber Shield and Cyber Resilience Pledge, pairing agentic AI defense plans with new cybersecurity commitments for ...
Cyberespionage groups linked to both China and India spent more than two years quietly breaking into Pakistani law ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
Several AI coding assistants were tricked into facilitating developer machine hacking via an attack technique that has been ...
A 16-year-old Linux KVM flaw (CVE-2026-53359) dubbed Januscape can allow attackers to escape virtual machines and execute ...
Google has rolled out a Chrome 150 security update that resolves 27 vulnerabilities, including two critical-severity bugs.