A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

The security platform Socket has recently discovered an enormous worldwide malware operation that has been dubbed "TrapDoor".

A 10-month Android malware campaign has used nearly 250 fake apps to sign victims up to premium services on their mobile ...

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been ...

Active Microsoft Exchange zero-day leaves organisations exposed By Nicola Mawson, Contributing journalistJohannesburg, 19 May 2026An exploit in on-premises Microsoft Exchange servers has already been ...

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Every time a professional opens LinkedIn in a Chrome-based browser today, hidden JavaScript silently probes their device for ...

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...