Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Microsoft on Thursday disclosed a zero-day vulnerability in Exchange that's under active exploitation, but four days later customers are still awaiting a patch. The zero-day, tracked as CVE-2026-42897 ...

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.

FrostyNeighbor, a long-running cyberespionage actor apparently aligned with the interests of Belarus, has been active recently in campaigns ...

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

The 35-year-old had argued his initial admissions of guilt over the 2019 Christchurch attacks were provoked by poor mental health due to harsh prison conditions.

Iran’s state broadcaster has reported explosions in the Strait of Hormuz which it has described as an “exchange of fire” ...

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...

OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...