The UN nuclear watchdog reported "no increase in off-site radiation level" at the Natanz nuclear plant in Iran and "no ...

Cybercriminal groups are now using spyware tools once utilized mainly by spies and law enforcement to hack into iPhones, new research shows. Why it matters: Anyone with an iPhone can now be the target ...

The OWASP Top 10 for LLM Applications is the most widely referenced framework for understanding these risks. First released in 2023, OWASP updated the list in late 2024 to reflect real-world incidents ...

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day vulnerabilities.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.