A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...

A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...

On April 29, 2026, someone hijacked four widely used SAP packages on the npm registry, slipped credential-stealing malware into them, and then did something that, according to researchers at Mend.io, ...

It’s time to unsheath your swords as a new Bleach-like experience, called Paradox, finally arrives on Roblox. Before you can upgrade your skills and parry enemies into a devastating blow, you will ...

17th April 2026: We added new The Forge codes. The Forge is a Roblox tycoon RPG about running a forge. In The Forge, you’ll mine to earn minerals and then forge them into cool weapons through a few ...

31st May 2026: We added new Universal Tower Defense X codes. Universal Tower Defense X is a classic Roblox tower defense game that’s packed with characters from popular anime and game series. In UTDX, ...