Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.

DocketWise says the personal, financial, and medical information of 143,000 people was accessed in an October 2025 data breach.

Hackers rewrote all Git tags across four Laravel-Lang packages, poisoning over 700 historical versions with backdoors.

Threat actors stole files containing names and protected health information from the healthcare organization’s systems.

Anthropic says its Claude Mythos model discovered thousands of severe vulnerabilities across more than 1,000 OSS projects.

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide ...

TrendA has informed customers that it has patched CVE-2026-34926, another Apex One vulnerability that has been exploited in ...

Grafana says hackers compromised business contact information and downloaded its codebase as a result of the TanStack supply ...

Verizon’s 2026 DBIR shows vulnerability exploitation was the top breach vector in 2025 as AI accelerated attacks, ransomware ...

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.