Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

We’ve talked before about number stations — mysterious shortwave transmitters repeating numbers, presumably for clandestine ...

The openshift-client-python library aims to provide a readable, concise, comprehensive, and fluent API for rich interactions with an OpenShift cluster. Unlike other clients, this library exclusively ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub has confirmed a cyberattack after a threat actor claimed to be selling stolen company data. The breach involved unauthorized access to internal repositories via a compromised employee device ...

For a piece of wearable technology, Pebble has had a fairly “rocky” history. One of the most successful Kickstarters of its ...

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...