A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public disclosure.

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Spread the loveIntroduction In a shocking revelation, Drift, a decentralized exchange operating on the Solana blockchain, disclosed that it fell victim to a staggering $285 million theft on April 1, ...

There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

TeamPCP strikes again, with almost identical code to LiteLLM.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

WASHINGTON—Iran pulled off likely the most significant wartime cyberattack against the U.S. in history, leveraging its hacking powers to cause major disruptions at a global medical-equipment firm that ...

WASHINGTON (AP) — Pro-Iranian hackers are targeting sites in the Middle East and starting to stretch into the United States during the war, raising the risk of American defense contractors, power ...

Signage at the Stryker Corp. headquarters in Portage, Michigan, U.S., on March 12, 2026. Reporter A hacking group connected to Iran has claimed responsibility for a cyberattack on a U.S. medical ...