Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

We’ve talked before about number stations — mysterious shortwave transmitters repeating numbers, presumably for clandestine ...

The openshift-client-python library aims to provide a readable, concise, comprehensive, and fluent API for rich interactions with an OpenShift cluster. Unlike other clients, this library exclusively ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub has confirmed a cyberattack after a threat actor claimed to be selling stolen company data. The breach involved unauthorized access to internal repositories via a compromised employee device ...

For a piece of wearable technology, Pebble has had a fairly “rocky” history. One of the most successful Kickstarters of its ...

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...