Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

When custom tools beat built-in ones.

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

No more fighting an endless article backlog.

Lovable has always been for building apps. Today, it also becomes your data scientist, your business analyst, your deck ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Opal Security, the modern identity security and access governance company, today announced three new AI-native capabilities that together form the industry's first unified platform for seeing, ...