An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...

The Lapsus$ extortion group has claimed the theft of 3GB of data from AstraZeneca, including internal code repositories and ...

DarkSword has escaped confinement and been found in the wild and capable of targeting millions of iPhones.

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency ...

A report has confirmed that a highly sophisticated, full-chain exploit kit internally known as DarkSword has been publicly ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions ...

New Diffblue Testing Agent Automatically Generates Comprehensive Regression Test Suites To Derisk Application Modernization ...

RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the ...

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before ...

Researchers from three universities have found that nearly 10,000 webpages are publicly exposing API credentials, leaving ...