Your VPN choice just got a reality check. Malwarebytes Privacy VPN's first audit uncovered serious server setup risks, but swift fixes show they're serious about privacy.
One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.
Your next npm install could drop a North Korean RAT on your machine. That's the brutal reality for devs worldwide after the Axios supply chain attack—and it's already hit finance, tech, and healthcare.
What if your most trusted HTTP client just became a backdoor? The Axios NPM package was compromised this week in a surgical hit, with signs pointing to North Korean actors.
Your desktop AI helper could be tomorrow's hacker playground. CrowdStrike's latest Falcon upgrades aim to lock it down — but shadow AI's wild west demands more than promises.
Your next innocent website tap could doom your iPhone. A leaked US hacking toolkit called Coruna exploits 23 iOS flaws to slip in undetectable malware, blurring lines between spies and street criminals.
If you've clung to your iPhone 11 or older on iOS 18, Apple's finally pushing DarkSword patches your way. Problem is, the exploit's already loose in the wild.
Attackers slipped infostealers into GitHub Actions and PyPI, turning vulnerability scanners against their users. Over 500,000 machines lost cloud tokens, SSH keys, and Kubernetes secrets in this escalating nightmare.
What if the phishing page you're staring at is the real deal, proxied through a criminal server? Starkiller makes it happen, stealing credentials and MFA in real time.
Over the last decade, even fully patched Android and iOS phones have fallen to mercenary hackers peddling zero-day exploits. Google's flipping the script with Advanced Protection mode in Android 16—a one-tap shield for those who can't afford to lose.
Picture this: AI supercharges nation-state hackers, turning code into weapons faster than defenders can patch. RSAC 2026 just mapped the battlefield.
2.5 billion Gmail users breathed a sigh of relief this week. Google slammed the door on breach hysteria, but phishing attacks are up—here's why you shouldn't ignore it.
Imagine spilling your medical history to ChatGPT, only for a hidden prompt to beam it to some hacker's server. That's not sci-fi—it's what just happened, and it exposes how flimsy these AI guards really are.
Digital trust is on life support. AI fakes and quantum hammers are swinging hard — thanks to insights from DigiCert's Amit Sinha.
Your company's security team just got a wake-up call from RSAC 2026. AI promises to automate threats away, yet the real fight stays stubbornly human.
Stryker's systems are humming again after a brutal data-wiping assault. Iranian hackers from Handala claimed victory—but the $22B giant fought back fast.