A new malware campaign is targeting traders and crypto users by abusing trust in popular platforms. … Fake TradingView Premium Posts on Reddit Deliver Vidar and AMOS StealersRead more
Latest News
Critical Command Injection in AI Coding Agent Exposed GitHub Tokens
The growing adoption of AI coding assistants is introducing powerful productivity gains — but also new … Critical Command Injection in AI Coding Agent Exposed GitHub TokensRead more
50,000 Sites at Risk from Critical Ninja Forms File Upload RCE
A critical vulnerability in the WordPress ecosystem has placed approximately 50,000 websites at risk of full … 50,000 Sites at Risk from Critical Ninja Forms File Upload RCERead more
Storm-1175 Exploits 0-Days to Deploy Medusa Ransomware in 24 Hours
Microsoft has warned of a fast-moving ransomware campaign driven by the threat group Storm-1175. The attackers … Storm-1175 Exploits 0-Days to Deploy Medusa Ransomware in 24 Hours Read more
CISA Adds Actively Exploited TrueConf Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting TrueConf Client to … CISA Adds Actively Exploited TrueConf Vulnerability to KEV Catalog Read more
36 Malicious npm Strapi Packages Used in Targeted Supply Chain Attack
A sophisticated software supply chain attack has been discovered targeting developers using Strapi. Attackers published 36 … 36 Malicious npm Strapi Packages Used in Targeted Supply Chain Attack Read more
Anthropic Ends Claude Access for Third-Party AI Tools Like OpenClaw
Anthropic has officially ended the ability for users to power third-party automation tools with their Claude … Anthropic Ends Claude Access for Third-Party AI Tools Like OpenClaw Read more
LinkedIn Browser Extension Scanning Controversy Explained
A new investigation has raised serious privacy concerns about how LinkedIn may be collecting data from … LinkedIn Browser Extension Scanning Controversy Explained Read more
Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide
On March 31, 2026, the cybersecurity community faced a major wake-up call when a widely trusted … Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide Read more
GitHub C2 LNK Phishing Attack Linked to North Korea
A sophisticated phishing campaign linked to North Korean threat actors is abusing GitHub as a covert … GitHub C2 LNK Phishing Attack Linked to North Korea Read more