Cybersecurity

A Chinese national associated with a state-owned defense firm impersonated U.S. engineers for years to steal sensitive defense software.Victims included employees at NASA, the...

Researchers discovered 26 malicious apps on the Apple App Store, dubbed FakeWallet, designed to steal cryptocurrency wallet recovery phrases and private keys.The scam, active...

Threat actors exploited the critical SSRF bug in LMDeploy toolkit just 12 hours after its public disclosure.The vulnerability, CVE-2026-33626, allows attackers to steal cloud...

The official Bitwarden CLI package on npm was compromised, distributing a malicious version that steals credentials and secrets.The supply chain attack used a hacked...

The speed of AI-powered attacks is creating a Collapsing Exploit Window, drastically reducing the time to patch vulnerabilities.Legacy, manual patching processes are now too...

Malicious images were uploaded to the official Checkmarx Docker Hub repository for its KICS security tool.The compromised software could scan infrastructure files, collect sensitive...

The cyber-espionage group Harvester has deployed a new Linux variant of its GoGra backdoor in attacks likely targeting South Asia.This malware abuses Microsoft's legitimate...

Lotus Wiper, a new data-destroying malware, has been used in targeted attacks against Venezuela's energy and utilities sector.The malware erases recovery tools, overwrites drives,...