GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

May 27, 2026 at 05:18PM CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous d…

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

May 27, 2026 at 05:00PM When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summ…

Gitea Vulnerability Exposes Private Container Images without Authentication

May 27, 2026 at 03:36PM Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform f…

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

May 27, 2026 at 01:15PM Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) c…

MFA Prompt Bombing: Why Your Second Factor Isn't Saving You

May 26, 2026 at 04:00PM Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant tha…

CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

May 26, 2026 at 02:43PM The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations t…

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

May 26, 2026 at 12:43PM The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) ha…

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

May 26, 2026 at 10:49AM A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Manage…

The Alert Firehose Finally Meets Its Match

May 25, 2026 at 05:00PM Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy,&…

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

May 25, 2026 at 03:02PM Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put t…

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

May 25, 2026 at 11:29AM A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crate…

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

May 23, 2026 at 03:21PM Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted mu…