Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

The GitHub hack shows how one poisoned VS Code extension gave attackers access to 3,800 internal repositories. If you rely on third-party developer tools, this breach is a warning to audit your ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

We’ve talked before about number stations — mysterious shortwave transmitters repeating numbers, presumably for clandestine ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub has confirmed a cyberattack after a threat actor claimed to be selling stolen company data. The breach involved unauthorized access to internal repositories via a compromised employee device ...

For a piece of wearable technology, Pebble has had a fairly “rocky” history. One of the most successful Kickstarters of its ...

For over 5 years, Arthur has been professionally covering video games, writing guides and walkthroughs. His passion for video games began at age 10 in 2010 when he first played Gothic, an immersive ...

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...