A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Polish authorities have arrested a man in connection with the alleged rape of an “unknowing victim” that was recorded and ...

Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on ...

Now I can use any operating system I want without losing features.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

TeamPCP strikes again, with almost identical code to LiteLLM.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

A quick look at the global Threat Map from internet security giant Spamhaus can sometimes be quite illuminating. The map ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...