AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.
The Caledonian-Record

H2O.ai H2OVL Mississippi models Shatter Milestone with Over One Million downloads monthly - Launching Momentum into GTC 2026

H2O.ai, a pioneer in sovereign AI and the world’s leading agentic, highly accurate predictive AI company, today announced its ...

Check Your iPhone Settings Now: Apple Releases First-Ever ‘Background’ Security Patch

This is the first Background Security Improvement from Apple. Here’s how to make sure your iPhone installs it right away.

OpenAI acquires open-source Python tooling startup Astral

OpenAI Group PBC today announced plans to acquire Astral Software Inc., a startup with a set of widely used Python development tools.  The terms of the deal were not disclosed. Astral’s development ...
Infosecurity Magazine

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

WellWithAll CEO Demond Martin on bridging the health equity gap and improving access to care

Speak, Demond Martin, CEO and co-founder of WellWithAll, shares his career and leadership journey, including stops at the ...
The Caledonian-Record

Jozu Launches Agent Guard: AI Security That AI Agents Cannot Disable

Jozu, the AI assurance company behind KitOps, a CNCF project with more than 240,000 downloads, today announced the launch of Jozu Agent Guard, a zero-trust AI runtime that executes agents, models, and ...