Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

OpenAI releases 'Privacy Filter,' an open-weight model designed to detect and redact sensitive PII locally. Enhance data ...

In February 2026, Tencent tore down its pre-training and reinforcement-learning infrastructure and rebuilt both from scratch.

Open AI released GPT-5.5 Redefining Intelligence, Productivity, and the Future of Human-AI Collaboration. It is transforming ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

Recent updates to Google's NotebookLM, including deeper integration with Gemini, cinematic video overviews, and custom ...

Web Application Breaches Involve Stolen Credentials. 2.3 Million Bank Logins Are for Sale on the Dark Web Right Now. And Your ...