"According to trusted third-parties, where more recent incidents are concerned, Scattered Spider threat actors may have ...

A massive mobile malware campaign targets Android and iOS users in Asia, stealing personal data through fake apps.

The shortcoming unearthed by Wiz in Base44 concerns a misconfiguration that left two authentication-related endpoints exposed ...

JavaScript injection attacks surged in 2024, hitting major brands via Polyfill.io. Learn why frameworks failed.

Chaos ransomware rises after BlackSuit takedown, hitting U.S. targets with $300K demands and stealthy evasion tactics.

Phishing emails mimicking PyPI target developers to steal credentials via fake sites. Users urged to stay alert.

Browser-based identity attacks surge in 2025, targeting SaaS apps and weak credentials across enterprise accounts.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability ...

In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...

Legacy email filters miss post-delivery threats in Microsoft 365 and Google Workspace, exposing data. Here's how EDR-style ...

Tridium Niagara flaws expose critical infrastructure to takeover if misconfigured, affecting security and system uptime.

Vendetect - It is an open-source tool designed to detect copied or vendored code across repositories — even when the code has ...