We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain ...

Remote-first AI coding startup Kilo doesn't think software developers should have to pledge their undying allegiance to any ...

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The ...

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Who needs humans when a purported 1.5 million agents trade lobster memes and start their own religion? Moltbook, vibe-coded by Octane AI founder Matt Schlicht in a weekend (he cla ...