Hackers have compromised the Laravel-Lang open-source ecosystem, turning trusted PHP localisation packages into a vehicle for credential theft and remote code execution across developer machines and ...

They made using PowerShell effortless.

Laravel-Lang compromise tagged 700+ versions on May 22–23, 2026, triggering PHP stealers that exfiltrate credentials.

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Chinese hackers targeted telecom providers using new Linux and Windows malware called Showboat and JFMBackdoor.

Showboat targets Linux telecom systems since mid-2022, enabling C2 access, proxying, and file theft across multiple countries ...

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows ...

SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to ...

Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, ...

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...

If you want to know the best characters in independent works, check out these ten indie game antagonists that are better than AAA villains.

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...