Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

In a rare move, the FBI has published an alert 'seeking victim information' related to a hacker exploiting Valve's Steam ...

Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the ...

A hacker jailbroke Claude to steal 150GB of Mexican government data in a month-long campaign. CrowdStrike's latest threat report shows it's part of a wider pattern — and maps four domains most ...

Article updated at the bottom with additional technical details about this campaign. Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that ...

Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown files. Image: Microsoft. Notepad has long been Windows’ quiet utility ...

Microsoft continues to move Notepad away from its text-editing roots with planned support for images. Although not officially announced, an image icon has appeared on the Notepad toolbar for Windows ...