Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Windows “deletes” files—but this command makes them truly gone.

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as ...

If you’re wrangling financial data, the choice between PDF and CSV formats can seriously impact your workflow. PDFs look ...

The desktop app can automate all kinds of tedious computing tasks, but the costs can quickly get out of hand. With help from ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

BuddyBoss was compromised in an ongoing supply chain attack that deployed malicious updates to over 300 WordPress sites, ...

RefTool brings reference camera controls into one Maya UI, with free and paid versions plus JSON export for reusable setups.