UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...

Chainguard, the trusted source for open source, today announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development.

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

The new agent will enter public beta in the Firefly web app within weeks; anyone can join the waitlist now, and usage will draw from existing generative credit pools. Firefly's new controls add studio ...

On the silicon side, Nvidia's tech let Humanoid slash hardware development from the usual 18–24 months to just seven months. Executives pitched the deployment as proof that factory-grade humanoids can ...

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...