A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Fresh concerns have emerged over CBSE’s online portal after a 19-year-old cybersecurity researcher alleged vulnerabilities ...

FBI warns cyber criminals are using Traffic Distribution Systems to redirect users to phishing sites, malware downloads, ...

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...

Nisarga Adhikary claimed he had hacked the CBSE website and identified serious lapses in the agency's On Screen Marking (OSM) system.

A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system ...

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Federal agencies have until June 1, 2026, to patch a critical authentication bypass in Palo Alto Networks’ GlobalProtect VPN, and the clock started ticking on May 29. That is a three-day remediation ...