Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

GREYVIBE targeted Ukraine since August 2025 using AI-assisted malware campaigns, increasing espionage capabilities and attribution challenges.

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

Investigating Joshua Pike is the first real field mission in 007 First Light that will require players to get to upstairs ...

In today's 2-Minute Tech Briefing, a Windows 11 update broke localhost functionality, disrupting developer workflows just as Windows 10 support ended. Nvidia’s long-awaited DGX Spark “personal AI ...

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.