Cybersecurity

A new critical flaw dubbed Cordyceps threatens open-source software supply chains.The vulnerability allows unauthenticated attackers to hijack CI/CD workflows and execute code.Major organizations including...

The U.S. Department of Justice seized the cloud computing account of the HuiOne Group, crippling a key part of its massive money laundering operation.The...

A financially-motivated initial access broker has targeted over 430,000 FortiGate firewalls globally since February 2026.The FortiBleed operation uses a custom tool to harvest over...

Security firm AIR successfully deployed a deceptive AI agent skill that bypassed all major security scanners and reached an estimated 26,000 agents.The skill exploited...

WhatsApp accounts across 11 countries are being hijacked to distribute malware-laden VBScript files.The campaign uses obfuscated scripts disguised as business documents to install legitimate...

Pro versions of three ShapedPlugin WordPress extensions were backdoored after attackers hijacked the official vendor distribution channel.The injected malware steals admin credentials, 2FA codes,...

Critical vulnerabilities in the popular open-source AI platform Dify could have allowed attackers to secretly wiretap and steal AI chat conversations from other customers'...

For the first time, CSIS used its legal "threat reduction" powers to disrupt foreign state-run botnets residing on infected Canadian devices.The Federal Court authorized...