A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point to more attacks to come.

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise.

A leaked iPhone exploit makes outdated iOS devices easy targets — update now or risk full data access from a simple malicious website.

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor—and curiously a data wiper that targets Iranian machines.

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Cloud attacks are getting faster and deadlier - here's your best defense plan ...

Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware. Last year’s “PhantomRaven” ...

The official website for the Solana memecoin launchpad, Bonk Fun, has been hijacked. A malicious actor seized control of the domain on Wednesday (March 11), deploying a wallet drainer disguised as a ...