Fake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies.

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

Once the best Android launcher, Nova is now chasing data, ads, and AI-driven monetization over user control. I've switched, ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on ...

Let your imagination (and wallet) run free.

The river was already severely damaged by the remnants of Hurricane Helene. An illegal mine continues to leech sediment into ...

It may look like a cute little dolphin-themed toy, but the Flipper Zero is a surprisingly powerful learning tool for hacking.