Found 93 results
A new wave of malicious software packages has been caught stealing cloud credentials and CI/CD pipeline secrets from dev...
A polished, fully functional npm package has been caught secretly stealing OpenAI Codex authentication tokens from devel...
A malicious npm package called forge-jsxy has been quietly stealing cryptocurrency wallet keys, browser credentials, and...
A powerful phishing kit known as Tycoon 2FA has been making waves across the cybersecurity world since it first appeared...
A well-known Iran-linked hacking group has been caught running a far-reaching espionage campaign that touched at least n...
A North Korea-linked hacking group known as WaterPlum has introduced a dangerous new malware called StoatWaffle, deployi...
A popular code editor extension listed on the Open VSX registry was discovered carrying hidden malware that silently fet...
Apex is an autonomous, AI-powered penetration testing agent designed to operate in black-box mode against live applicati...
The Node.js project released a critical security update on March 24, 2026, for the Long-Term Support (LTS) branch, desig...
A new malware campaign called GhostClaw is actively targeting macOS users through fake GitHub repositories and AI-assist...
A new piece of malware called RoadK1ll has been found silently converting compromised machines into controllable network...
A malicious npm package named undicy-http has surfaced inside the Node.js developer ecosystem, quietly compromising mach...