The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month. OpenAI is rolling out a new AI-powered software vulnerability scanner that the ...

Iran invented the relatively simple Shahed 136 attack drone, but is now fending off US copies launched against it in combat. Why, when the US military has expensive, cutting-edge and hi-tech weapons, ...

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet. Since then, the ...