Malicious repository impersonating OpenAI's Privacy Filter reached 244,000 downloads before removal. Infostealer targeted Windows users via trending Hugging Face page.
Silent Ransom Group escalates from vishing to physical infiltration. FBI FLASH alert warns 38+ law firms already breached, with operatives plugging USB drives into office computers.
Microsoft warns of active campaign using AI chatbot recommendations to distribute GPU mining malware. Attackers target high-end graphics card owners through fake utility downloads.
Malicious npm package mouse5212-super-formatter stole files from Claude AI's working directory. The attacker's own GitHub token was exposed in the code, allowing researchers to trace exfiltration.
CVE-2026-27771 let attackers pull private container images without authentication. Over 30,000 Gitea deployments affected across healthcare, aerospace, and retail. Update to 1.26.2 now.
NIST's updated password guidelines eliminate forced expiration and complexity rules. Here's how to enforce strong Active Directory passwords without driving users to workarounds.
7-Eleven confirms data breach after ShinyHunters demanded $250K ransom. Over 600,000 Salesforce records allegedly stolen from franchise application systems.
Immigration law platform DocketWise confirms data breach affecting 143,480 people. SSNs, passport numbers, and medical information compromised via cloned repositories.
Attackers compromised DigiCert's support portal via malicious chat attachment, stealing EV code signing certificates. 11 certificates used to sign Zhong Stealer malware.
CVE-2024-12802 lets attackers bypass MFA on SonicWall Gen6 VPNs even after patching. Ransomware operators actively exploiting incomplete fixes. Gen6 reached EOL April 16.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.