AI agents can provide enormous benefits, but they can also behave a lot like malware, acting autonomously and causing harm if ...

A 12th-grade student in Thanh Hoa Province has been accused of developing malicious software and selling it to cybercrime ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.