UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

The number of cyberattacks targeting Africa declined in the past year, with weekly attacks down 22%, as attackers shifted ...

Chainguard, the trusted source for open source, today announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development.

The new agent will enter public beta in the Firefly web app within weeks; anyone can join the waitlist now, and usage will draw from existing generative credit pools. Firefly's new controls add studio ...

On the silicon side, Nvidia's tech let Humanoid slash hardware development from the usual 18–24 months to just seven months. Executives pitched the deployment as proof that factory-grade humanoids can ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...

Hackers are dodging Windows security tools by running secret Linux virtual machines with QEMU, an open-source virtualizer.