Cybersecurity

The official Bitwarden CLI package on npm was compromised, distributing a malicious version that steals credentials and secrets.The supply chain attack used a hacked...

The speed of AI-powered attacks is creating a Collapsing Exploit Window, drastically reducing the time to patch vulnerabilities.Legacy, manual patching processes are now too...

Malicious images were uploaded to the official Checkmarx Docker Hub repository for its KICS security tool.The compromised software could scan infrastructure files, collect sensitive...

The cyber-espionage group Harvester has deployed a new Linux variant of its GoGra backdoor in attacks likely targeting South Asia.This malware abuses Microsoft's legitimate...

Lotus Wiper, a new data-destroying malware, has been used in targeted attacks against Venezuela's energy and utilities sector.The malware erases recovery tools, overwrites drives,...

Cybersecurity firm Forescout Research Vedere Labs has identified 22 new security flaws, codenamed BRIDGE:BREAK, in Lantronix and Silex serial-to-IP converters.The vulnerabilities, including critical Remote...

The U.S. cybersecurity agency has flagged eight new software flaws being actively exploited by attackers.Three of the vulnerabilities impact Cisco Catalyst SD-WAN Manager, with...

A critical vulnerability (CVE-2026-5760) with a CVSS score of 9.8 allows remote code execution in the SGLang framework.The flaw is in the "/v1/rerank" endpoint...