A new report out today from Swiss artificial intelligence-powered managed extended detection and response company Ontinue AG ...

In this campaign, Nezha is deployed as a post-exploitation remote access tool rather than malware. Because the software is ...

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

More and more businesses now hire remote assistants. It's a smart move. You save money. You get good talent from anywhere. But there is a big problem - security ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...

Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.

Tap these Model Context Protocol servers to supercharge your AI-assisted coding tools with powerful devops automation capabilities.

A six-month investigation into AI-assisted development tools has uncovered over thirty security vulnerabilities that allow data exfiltration and, in some cases, remote code execution.

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...

Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident showing a multi-stage path from marketplace install to credential theft and full ...

Chinese threat group UAT-9686 has been exploiting the zero-day CVE-2025-20393 to hack Cisco security appliances.