Researchers found Disgrasya downloaded 37,217 times, targeting WooCommerce with carding scripts that steal payment data.

North Korean actors used 11 npm packages downloaded 5,600+ times to spread BeaverTail malware, expanding attacks to Bitbucket ...

Triada malware infected 2,600+ Android devices via counterfeit phones in March 2025, enabling remote access and crypto theft.

Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or ...

Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada . "More than 2,600 users ...

Chainguard OS cuts container vulnerabilities by 94% by continuously updating upstream packages, enhancing security and ...

Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake ...

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information ...

Late last month, SEQRITE Labs revealed that academic, governmental, aerospace, and defense-related networks in Russia are ...

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). "A total of 1.8 million users ...