The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

Semiconductor provider Nuvoton Technology has launched a graphical user interface (UI) tool designed specifically for machine ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...

In early May, the JDownloader website delivered malware. This is reminiscent of Daemon Tools, which have since reacted.

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

The laptop connects directly to the drone through its Wi-Fi access point (AP), enabling wireless communication between the ...

Reporting from May 2026 accurately claimed that Google Chrome silently installed a 4-gigabyte artificial intelligence model ...