Slopsquatting represents an emerging supply chain threat made possible by AI hallucinations. As developers increasingly rely ...
The GigaWiper backdoor combines several malware families and can sabotage systems using a wiper, encryption, and wiping ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
The global Java development ecosystem experienced significant structural changes this week following the introduction of a new OpenJDK enhancement draft alongside warnings from cybersecurity ...
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
a laptop screen with a webpage of the IT Army of Ukraine group of volunteer hackers. The IT Army of Ukraine first set up in the wake of Russia's devastating attack, and has since hugely grown in ...