The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

But if you feel you absolutely must use it, or are just curious, enabling Lockdown Mode on your iPhone is easy. Open the ...

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

WordPress's massive installed base isn't going anywhere, but many developers and AI agents are not opting for the product for new sites. Will they go for Cloudflare instead?

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A widely-used software library called LiteLLM, downloaded over 95 million times ...

Run a quick self-audit against 10 warning signs that your authentication stack has critical vulnerabilities. Each sign includes a diagnostic check, an explanation of why it's dangerous, and a concrete ...

The 21-year-old is the Country Lead for Girls in Robotics Kenya Chapter and co-founder of Space Shift, mentorship roles she ...

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.