The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more.

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

SocksEscort sold proxy services on the open web, but was actually routing traffic through compromised routers and internet-connected devices.

Why Passwords Are Still a Developer's Problem in 2026. The case against password-based authentication is well-established in the IAM community, but the practical implications for ...

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.

Researchers warn Iranian state-backed Seedworm hackers have infiltrated US–Israeli critical networks, raising fears of cyber attacks targeting US banking, airline, and tech sectors.

Seven defendants were indicted in federal court in Erie in July 2023 in a Snapchat hacking and sexting conspiracy that ...

Meta is rolling out a dedicated shopping research mode inside its Meta AI web chatbot for a slice of US desktop users. Search ...

Amazon Threat Intelligence has revealed that a single “unsophisticated” attacker has compromised more than 600 organisations across 55 countries in ju.