The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to avoid detection.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including refund notices, payroll forms, filing reminders, and requests from tax ...

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.