CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Ripple's David Schwartz warned of a sophisticated Robinhood email phishing scam exploiting its system ahead of Q1 earnings.

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Microsoft released .NET 10.0.7 to fix critical CVE-2026-40372 vulnerability that could allow SYSTEM-level access and data ...

A Mirai botnet has started exploiting CVE-2025-29635, a year-old command injection vulnerability in discontinued D-Link ...

After failing to deliver its first customer satellite into the correct orbit, the FAA grounds Blue Origin's New Glenn rocket ...

A newly identified threat group, UNC6692, has been caught running a sophisticated cyberattack campaign that uses Microsoft ...

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...

Boost Security has announced SmokedMeat, an open source red team framework for CI/CD pipelines that shows how attackers ...