The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Hundreds of millions of users and an estimated 2.5 billion devices are reportedly exposed to potential attacks.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

GNU Stow is a symlink manager. It takes files from an organized folder you control and links them to wherever your system expects to find them. Your applications see the files in their usual locations ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

There is an open source solution to your file management problems, and it is based on open source software to replace your outdated explorer.

Anthropic has given Claude the ability to control a Mac, marking a major step in the AI agent race and raising new questions ...

An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Apple reportedly urges iPhone users to update immediately after the DarkSword hacking toolkit became freely available on GitHub, targeting vulnerable devices. According to Macworld, iPhones running ...

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the ...