A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Anthropic's new initiative, Project Glasswing, unites a dozen major organizations—including Apple, Google, Microsoft, AWS, ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

If you're paying for software features you're not even using, consider scripting them.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Security teams are scrambling after two malicious releases of the Telnyx Python SDK were uploaded to PyPI on March 27, turning a widely used developer tool into a credential-stealing backdoor that ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

PCWorld reports Microsoft is updating Windows 11’s File Explorer with rounded corners for the address bar and search box to match the operating system’s design language. This minor redesign creates ...