A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

This is the first Background Security Improvement from Apple. Here’s how to make sure your iPhone installs it right away.

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

OpenAI Group PBC today announced plans to acquire Astral Software Inc., a startup with a set of widely used Python development tools.  The terms of the deal were not disclosed. Astral’s development ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their ...

CERT-In warned that older versions of Google Chrome contain critical vulnerabilities that are being actively exploited by ...