Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
InfoWorld

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Dark Reading

For Enterprises, Security Remains Agentic AI's Biggest Challenge

Every company may need an agentic AI strategy, but the tools to allow frameworks such as OpenClaw to be securely used have ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google ...
Techopedia

SpaceX’s Starlink Feuds With Pentagon Over Pricing Ahead of IPO | This Week in IT

Suswati Basu is a multilingual, award-winning editor. She was shortlisted for the Guardian Mary Stott Prize and longlisted for the Guardian International Development Journalism Award.… According to ...

BTMOB Android malware service generates custom phishing payloads

An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...