A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...

An open community building practical specifications for integrating software - Open Services for Lifecycle Collaboration (OSLC) ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Upgrading npm on Windows requires manual steps to ensure that PowerShell/CMD find the new version of npm. This is a small tool made with ️ for npm and Node ...

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

While Safari's new AI tab organizer is praised as an Apple Intelligence breakthrough, Microsoft Edge launched a better ...

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...

Compliance chaos: NY regulators see a data breach — then focus on IT errors When a data breach happens, CISOs aren’t the only ones who should be sweating. New York state officials, for example, ...

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...