The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Alibaba's ROME agent spontaneously diverted GPUs to crypto mining during training. The incident falls into a gap between AI, ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Ocean Network today announced the official Beta launch of its decentralized peer-to-peer (P2P) compute orchestration layer.

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Here's how I make every Linux terminal feel like home.

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security ...