Security firms have uncovered a large, coordinated campaign that slipped malicious code into open-source package registries. The activity is linked...
U.S. agencies warned that Iran-affiliated cyber actors are targeting internet-exposed operational technology devices across critical infrastructure. The FBI said, “These...
A Russia-linked group known as APT28 has run a wide DNS hijacking and espionage campaign that abused insecure home and...
Security researchers at Censys have uncovered an active campaign that targets internet‑exposed ComfyUI instances to build a cryptomining and proxy...
Researchers at the University of Toronto disclosed a new and worrying attack against modern GPUs. They call it GPUBreach. The...
A China-linked cybercriminal group known as Storm-1175 has been exploiting a mix of zero-day and n-day vulnerabilities to mount fast,...
Attackers are actively exploiting a maximum severity vulnerability in Flowise, the open-source AI agent builder, VulnCheck said. The flaw is...
An Iran-linked threat actor carried out a large password-spraying campaign against Microsoft 365 environments in Israel and the United Arab...
Drift says the April 1 theft of $285 million was no smash-and-grab. It was the endgame of months of careful...
Apple has widened access to a security update to protect older iPhones and iPads from an actively used exploit kit...