An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates ...

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python ...

Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims' ...

Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a ...

Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices.

SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances ...

The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a ...

Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal ...

Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned.

Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain ...

PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to ...

A new phishing kit named 'CoGUI' sent over 580 million emails to targets between January and April 2025, aiming to steal ...