Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

PCWorld reports that Microsoft is restoring the missing ‘Refresh’ and ‘Print’ options to Windows 11 File Explorer’s right-click context menu after user complaints. These essential features are ...

The IRS shut down its direct filing program for 2026, but Free File, Fillable Forms, MilTax, and some private tools remain—if you know where to look. Here’s how to navigate the free options still ...

(NEXSTAR) – In 2025, nearly 300,000 Americans used a new electronic system to file their taxes directly with the IRS for free. In 2026, that’s no longer an option. IRS Direct File launched as a pilot ...

WASHINGTON – The Justice Department has released hundreds of thousands of documents dealing with convicted sex offender Jeffrey Epstein, often with what women who accused him of abuse call “abnormal” ...

Graham Kates is an investigative reporter covering criminal justice, privacy issues and information security for CBS News Digital. Contact Graham at [email protected] or [email protected] ...