The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...

Hackers are on the hunt for open telnet ports in servers after discovering that a version of legacy client-server application ...

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

The first big risk? A trademark lawsuit from Anthropic, which forced a name change late last night to Moltbot. Whatever it's called, giving an AI near-total access to your digital life is dicey.

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

This was not a single company breach, the credentials were harvested from millions of infected user devices using infostealer malware. Binance appeared in the dataset ...

Telnet is an old network protocol that allows users to remotely log into devices. Because it is outdated and insecure, it is not supposed to be exposed to the internet anymore, but hundreds of ...

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...