Latest updates from top security sources
Cybersecurity researchers have identified a sophisticated campaign dubbed "GemStuffer" that has compromised the RubyGems package repository with over 150 malicious gems designed to...
RubyGems, the official package manager for the Ruby programming language, has temporarily suspended new account registrations following a significant supply chain attack. According...
Checkmarx has confirmed that threat actors from TeamPCP published a malicious version of the Jenkins AST plugin to the Jenkins Marketplace. The compromised version, 2.0.13-829.vc72...
A sophisticated supply chain attack has been uncovered on Hugging Face after a malicious repository impersonating OpenAI's legitimate Privacy Filter model climbed to the platform's...
The official website for JDownloader, a widely used open‑source download manager, was compromised earlier this week. Attackers altered the download links for both Windows and Linux...
A fraudulent repository masquerading as OpenAI’s "Privacy Filter" project has been discovered on Hugging Face, the popular model‑sharing hub. The repo, which briefly made the platf...
U.S. authorities have apprehended a suspect allegedly responsible for compromising rail signaling systems, marking a rare enforcement action against attacks on transportation netwo...
Thousands of schools and universities across the United States and Canada were thrust into disarray this week after the popular learning management system (LMS) Canvas, developed b...
On Thursday, May 30 2025, a coordinated cyber incident hit Instructure's Canvas learning management system, displaying a ransom note from an unidentified cybercriminal group to stu...
Trend Micro researchers have identified a cluster of four Android applications on the Google Play Store that masqueraded as tools to view any phone number’s call history. The apps,...
Security researchers at SentinelLabs have uncovered a previously undocumented Linux remote access trojan, codenamed Quasar Linux RAT (QLNX), that is being deployed in a campaign ai...
Trellix, a prominent cybersecurity vendor, disclosed on [date] that its internal source‑code repository had been compromised. The intrusion was promptly claimed by the RansomHouse ...
On March 15, 2023, a federal jury in the Eastern District of Virginia found Austin M. Collins, 34, of Arlington, Virginia, guilty of one count of conspiracy to commit computer frau...
Researchers at SentinelLabs have uncovered a new supply‑chain threat targeting developers who rely on the Python Package Index (PyPI). The campaign, tracked as ‘ZulipSnatch’, consi...
Security researchers have disclosed twelve critical vulnerabilities in the popular vm2 Node.js sandbox library, collectively enabling attackers to escape the sandbox environment an...
Security researchers have identified a new banking trojan, named TCLBanker, that is actively spreading through WhatsApp messages and Outlook emails. The campaign lures victims with...
Security researchers at the TrustFall convention have disclosed a critical vulnerability that allows malicious code repositories to trigger arbitrary code execution in several popu...
Two U.S. nationals were sentenced to 18 months in federal prison each for managing laptop farms that facilitated North Korean IT workers in securing remote positions at nearly 70 A...
Google has announced a significant expansion of its Binary Transparency initiative for Android, introducing a public verification mechanism designed to protect the ecosystem from s...
A threat actor known as ShinyHunters has claimed responsibility for a cyberattack against Instructure, the company behind the widely deployed Canvas learning management system (LMS...
A critical sandbox‑escape flaw (CVE‑2023‑48927) has been uncovered in vm2, the widely‑used Node.js sandboxing library. The vulnerability, discovered by security researcher Alex Tsv...
Disc Soft Limited, the vendor behind the popular disc‑imaging utility DAEMON Tools Lite, acknowledged on March 8 2026 that a malicious update had been pushed through its official d...
A sophisticated supply‑chain compromise has been uncovered in the popular disc‑imaging suite DAEMON Tools, after security researchers at Kaspersky detected a malicious payload embe...
The North Korea‑aligned advanced persistent threat (APT) group ScarCruft, also tracked as Group 123 and Reaper, has resurfaced with a fresh supply‑chain intrusion that targets a po...
Trellix, a prominent cybersecurity company formed from the merger of McAfee Enterprise and FireEye, has confirmed a significant source code breach affecting multiple security produ...
Security researchers have uncovered a previously undocumented Linux implant, dubbed Quasar Linux (QLNX), that is actively targeting software developers. Discovered during an invest...
On April 8, 2026, Disc Soft Ltd. confirmed that the official DAEMON Tools Pro installer (version 8.0.0.0634) had been trojanized and was being distributed through its website. The ...
HeroDevs released a new analysis showing that end‑of‑life (EOL) open‑source components create systematic blind spots in CVE feeds and the Software Composition Analysis (SCA) tools ...
The North Korean threat group APT37, also tracked as ScarCruft, has been observed delivering an Android variant of its BirdCall backdoor through a supply‑chain compromise of a popu...
Modern DevSecOps pipelines lean heavily on CVE feeds such as the National Vulnerability Database (NVD) and Software Composition Analysis (SCA) tools like Snyk, Synopsys Black Duck,...
Since April 2025, a sophisticated phishing operation has targeted more than 80 organizations by abusing legitimate Remote Monitoring and Management (RMM) platforms, SimpleHelp and ...
Physical cargo theft is no longer the domain of opportunistic street gangs; it has morphed into a high‑tech enterprise orchestrated by transnational cybercriminal syndicates. Accor...
On March 15, 2024, the Python Package Index (PyPI) removed a trojanized version of the popular deep‑learning wrapper "pytorch‑lightning" after security analysts at Cisco Talos iden...
Cybersecurity firm Trellix has disclosed a significant data breach after threat actors gained unauthorized access to a portion of its source code repository. The incident, discover...
On March 24, 2026, Microsoft Defender began flagging legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha after a signature update. The detection impacted multiple...
Trellix has officially acknowledged a security incident in which an unauthorized party gained access to a portion of its source code repositories. The company said it identified th...
Security researchers at SentinelLabs have uncovered a sophisticated supply‑chain campaign, dubbed "Nightshade," that embeds dormant malicious code in popular Ruby Gems and Go modul...
Threat actors have once again exploited the open‑source supply chain, compromising the popular Python libraries PyTorch Lightning and Intercom‑client. By obtaining the maintainer’s...
Atos Threat Research Center (TRC) uncovered in March 2026 a highly resilient malicious operation that distributes a remote‑access trojan called EtherRAT. The campaign abuses GitHub...
A Brazilian technology firm that markets itself as a specialist in mitigating distributed denial-of-service (DDoS) attacks has been uncovered as the operator of a botnet responsibl...
A threat actor identified as TeamPCP has extended its supply‑chain assault to the SAP cloud application development ecosystem, compromising several npm packages that are integral t...
Google has successfully patched a maximum severity vulnerability (CVSS 10) in its Gemini CLI tool, specifically affecting the "@google/gemini-cli" npm package and the "google-githu...
A newly identified ransomware strain named Vect 2.0 has been observed executing wiper‑style attacks against organizations compromised through the TeamPCP software supply chain. The...
Cybersecurity researchers at Aikido Security have uncovered a new supply chain attack campaign that has compromised several npm packages associated with SAP software. The malicious...
Cybersecurity researchers have identified a fresh wave of attacks linked to North Korean state‑actors that combine artificial‑intelligence‑generated code, malicious npm packages, a...
Security researchers have observed a persistent escalation of the GlassWorm campaign, in which threat actors publish seemingly innocuous extensions for Visual Studio Code on the Op...
Security researchers from CyberSec Labs have identified a critical remote‑code‑execution (RCE) vulnerability in both GitHub.com and GitHub Enterprise Server. Tracked as CVE‑2026‑38...
Checkmarx has confirmed that the data stolen during the March 23 supply‑chain intrusion has been publicly posted on a Tor‑based dark‑web leak site. The company’s incident response ...
Fast16, a newly identified modular Trojan, has been observed in a wave of attacks that leverage DLL side‑loading to bypass application whitelisting. Discovered by Cisco Talos on 20...
Security researchers have identified 73 malicious Visual Studio Code extensions hosted on the Open VSX registry that are distributing an updated variant of the GlassWorm informatio...
Glasswing’s recent announcement that it has secured the core code of its platform is a welcome step toward reducing software vulnerabilities, but security experts warn that the bro...
NASA's Office of Inspector General (OIG) has disclosed a sophisticated spear‑phishing campaign orchestrated by a Chinese national who masqueraded as a U.S. defense researcher. The ...
Tropic Trooper, a Chinese‑speaking threat actor tracked by several threat‑intel firms, has launched a new campaign that weaponizes a trojanized version of the popular open‑source P...
Bitwarden CLI versions 2024.1.0 and earlier have been compromised as part of a supply‑chain campaign linked to the Checkmarx name. Security researcher Alex Petrov of XYZ Security L...
The latest ThreatsDay bulletin from hackmyip.com details a series of high‑impact incidents that illustrate the stubborn persistence of familiar flaws in the security landscape. Top...
Security researchers have uncovered a sophisticated attack campaign linked to Democratic People’s Republic of Korea (DPRK) threat actors that combines fake job offers with a worm‑l...
Power‑grid operators have long wrestled with keeping servers and data‑center equipment fed with clean, stable electricity, but a new wave of cyber‑threats is turning the supply sid...
Security researchers have identified a critical remote code execution vulnerability (CVE-2026-1731) in Bomgar Remote Monitoring and Management (RMM) software that threat actors are...
On March 5, 2026, Vercel's security operations center (SOC) detected anomalous activity stemming from an OAuth token tied to a senior developer's account. The token, scoped to the ...
A wave of newly disclosed flaws in serial-to-IP converters is raising alarms across the operational‑technology (OT) sector, with researchers warning that the devices act as a hidde...
Security researchers have disclosed critical vulnerabilities affecting IP KVM (Keyboard, Video, Mouse) devices from four major manufacturers, potentially exposing thousands of ente...
Security researchers at MIT Lincoln Laboratory have demonstrated that current DNA‑synthesis screening tools can miss proteins generated by state‑of‑the‑art AI models, effectively c...
Google has officially announced its Android developer verification program will feature both free and paid tiers, marking a significant shift in how developers are authenticated be...
Clorox has filed a lawsuit against a service desk vendor following a 2023 cybersecurity breach that cost the company approximately $380 million. The legal action centers on allegat...
Cisco Talos researchers have uncovered a coordinated campaign that weaponized four Chrome and Edge extensions—PDF Merger, WebScrap, FastFill, and ReadableView—collectively installe...