GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

According to Kaspersky telemetry, almost 19,500 malicious packages were found in open-source projects by the end of 2025, representing a 37% increase compared to the end of 2024.Modern software ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

If you use any OpenAI apps on your Mac, here's something you don't want to ignore. OpenAI is requiring all macOS users to ...

Blomma, a new AI career coaching platform built for the realities of modern work, is launching today with more than $5 ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

MESCIUS USA Inc., a global provider of award-winning enterprise software development tools, is pleased to announce the Wijmo 2026 v1 release. The first major release of 2026 yields major accessibility ...

A new LOTUSLITE malware campaign is targeting India’s banking sector using phishing files and trusted tools. Researchers say ...

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...

GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...