The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

Chainguard is racing to fix trust in AI-built software - here's how ...

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day ...

Panther Labs (hereafter just Panther) describes itself as a complete AI security operations centre (SOC) platform that is essentially characterised by its ability to scale security the whole ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

A cybersecurity analyst is the frontline defender of an organization's digital assets, safeguarding computers, software, and networks from theft and unauthorize ...

The March session of the University of Iowa’s AI Lightning Talks, themed “AI in Research: Inside Faculty Workflows,” featured staff and faculty who have been implementing artificial intelligence into ...