Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google and then then gets to work searching ...

Claude Code has made the digital photo tool Adobe Lightroom functional on Linux. The project began with a very simple prompt.

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...

None ...

Dify, a popular low-code AI application development platform with over 142,000 stars on GitHub, was found to contain critical vulnerabilities that allowed a one-click account takeover. Imperva ...