GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally. Vitaly ...

Hackers are exploiting a recent accidental source code leak from Anthropic to spread Vidar infostealer malware via fake GitHub repositories. These malicious sites have even managed to appear in top ...

Anthropic accidentally leaked part of the internal source code for its coding assistant Claude Code, according to a spokesperson. The leak could help give software developers, and Anthropic's ...

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On ...

A newly uncovered malware campaign is combining ClickFix delivery with AI generated evasion techniques to steal enterprise user accounts and passwords. The attacks are designed to provide intruders ...

This scam is alarming and something that many people could fall victim to if they are not careful. The Identity Theft Resource Center warns that criminals are creating realistic looking fake captcha ...

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...