A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named Block Blasters that drained his cryptocurrency wallet.

The macOS 26 "Tahoe" update is now available. Defined by its "Liquid Glass" theming and improved Spotlight search, macOS ...

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early ...

Zscaler reveals SilentSync remote access trojan hidden in two malicious PyPI Python packages, risking browser data theft and ...

ClickFix typically asks the victim to perform a fake CAPTCHA test. FileFix tricks the user into copying and pasting a command ...

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...

Mend.io has been recognized as a Strong Performer in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025. In our first appearance in the evaluation, we earned top scores in ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.

Cybersecurity firm HiddenLayer uncovers a “CopyPasta License Attack” that exploits Coinbase’s favored AI coding tool, Cursor.

Philips has just announced a monster list of new products for its Hue lineup, part of an overhaul announced at the IFA conference in Berlin. In recent years, the Philips Hue line has struggled, as ...

Software supply-chain attacks are evolving in a disturbing way as cybercriminals use Ethereum smart contracts to hide malicious code within open-source libraries. Research presented by a security firm ...