Cybersecurity

GitHub is introducing major security changes to npm version 12, disabling install scripts by default to counter supply chain attacks.The update, scheduled for release...

The JDY botnet, used by Chinese state-sponsored hacking groups like Volt Typhoon, has rapidly expanded to over 1,500 compromised SOHO routers and IoT devices.Its...

ServiceNow has patched a vulnerability allowing unauthenticated users excessive access to certain customer instances.The company detected "anomalous activity" and evidence of successful queries against...

Meta will now use data from other businesses to personalize user feeds and AI chatbot responses, expanding beyond targeted ads.The company asserts it is...

Two Russian-aligned hacking groups continue to exploit a patched WinRAR vulnerability to target Ukrainian organizations.The flaw, CVE-2025-8088, allows attackers to hide malicious payloads outside...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a severe command injection flaw in BerriAI's LiteLLM software to its Known Exploited Vulnerabilities...

A critical Linux kernel vulnerability (CVE-2026-23111) allows local attackers to gain root access and break out of containers.The flaw was patched upstream in February...

Check Point warns of active exploitation of CVE-2026-50751, a critical VPN authentication bypass vulnerability.The flaw affects Remote Access VPN deployments using the deprecated IKEv1...