Expired domain leads to supply chain attack on node-ipc npm package
A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The...
Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More
This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and security checks needed.
The post Vibe Coding...
Metasploit Wrap-Up 05/15/2026
Weaponizing a text editor for fun and profitGather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanism:...
The AWS AI Security Framework: Securing AI with the right controls, at the right...
TL;DR for busy executives The AWS AI Security Framework helps security leaders move fast and stay secure with AI. Security compounds from day 1...
OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack
OpenAI says Mac users must update ChatGPT, Codex, and Atlas apps by June 12 after an npm supply-chain attack exposed signing certificates.
The post OpenAI...
Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research...
CVE-2026-40379 Azure Entra ID Spoofing Vulnerability
Corrected CVE title. This is an informational change only. - Read more
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition - Read more
Jaguar Land Rover profit slumps after cyber attack
The financial impact of last year’s cyber attack on Jaguar Land Rover continues to be felt, with full-year sales and profits at the carmaker...
Developer withdraws plans for Perth datacentre after fierce community opposition
Three-storey GreenSquare datacentre in Hazelmere was to power cloud computing and the acceleration of AIGet our breaking news email, free app or daily news...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
