A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...
Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Adversaries weaponized recruitment fraud to steal cloud credentials, pivot through IAM misconfigurations, and reach AI ...
Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
KEV Collider combines data from multiple open-source vulnerability frameworks to help cybersecurity teams assess which issues ...
Hacktivist group claims a 2.3-terabyte data breach exposes information of 36 million Mexicans, but no sensitive accounts are ...
Practical DevSecOps launches the Certified Security Champion course to help orgs bridge the talent gap by upskilling ...
Researchers at QED Secure show how a connected wheelchair could be remotely hijacked, highlighting growing cyber risks in medical devices.
BITS Pilani has launched 2 new courses on AI, Machine Learning and Cybersecurity. The enrolment process is ongoing on the official website.
Open source malware surged 73% in 2025, with npm a key target and rising risks in software supply chains and developer environments.