npm’s Update to Harden Their Supply Chain, and Points to Consider

February 13, 2026 at 04:15PM In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication ove…

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

February 13, 2026 at 02:04PM Threat actors have started to exploit a recently disclosed critical security flaw impacting Beyond…

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

February 12, 2026 at 10:25PM Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Pyt…

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

February 12, 2026 at 04:00PM A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) r…

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

February 12, 2026 at 01:02PM A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivan…

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

February 12, 2026 at 11:09AM Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to addre…

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

February 11, 2026 at 11:15PM Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Ou…

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

February 11, 2026 at 03:26PM Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that …

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

February 11, 2026 at 12:20PM The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrenc…

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

February 10, 2026 at 11:14PM The information technology (IT) workers associated with the Democratic People's Republic of Ko…

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

February 10, 2026 at 03:54PM SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its ne…

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data

February 10, 2026 at 01:52PM The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confir…