Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim ...

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

Aikido Security is launching Aikido Endpoint, a lightweight agent designed to protect developers’ endpoints against supply ...

Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by inspecting and blocking risky packages, IDE ...

Vercel confirms that is has suffered an intrusion after a hacker offered to sell data allegedly stolen from the company’s ...

The Kelp liquid restaking protocol was hit by a cybersecurity attack, in which the threat actor drained about $293 million in funds from the platform.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

A zero-click exploit called DarkSword can silently compromise older iPhones through Safari with no user action. Devices on ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...