Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...

Tomasz Tunguz developed 'The Podcast Orchestrator,' an AI-powered app that transcribes, summarizes, and analyzes podcasts for ...

This breach exposed a critical weakness in the current CI/CD security model: the assumption that automated workflows are inherently benign. The GhostAction supply chain campaign underscores how ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

A major JavaScript supply chain attack targeting crypto wallets through compromised GitHub packages has stolen only $1,043.

In 2025, vulnerability scanning tools are essential for modern security teams, but running a scan is rarely the hard part anymore. The real challenge is automating it at scale: across thousands of ...

Two-dimensional barcodes called Quick Response codes, or QR codes for short, are used to store data that devices can read. While QR codes are popularly scanned via smartphones, what if you want to ...

The Salesloft Drift breach affected hundreds of organizations through Salesforce, including Cloudflare, Palo Alto Networks, ...

Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix ...

NetPeek is GTK4/libadwaita app for fuss-free network scanning on Linux desktops. A user-friendly alternative to nmap for ...

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.