The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Officially, we don't know what France's forthcoming Linux desktop will look like, but this is what my sources and experience ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Cyber threats across Latin America target government systems, from disruptive attacks in Puerto Rico to surges of probes in ...

Anthropic is trying to remove details about its coding agent from GitHub, but programmers are converting the code into ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...