ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

Or, if you prefer, you can use the "Download Zip" button available through the main repository page. Downloading the project as a .ZIP file will keep the size of the ...

Three popular plugins served malicious JavaScript through a compromised CDN.

CHEYENNE, Wyo. — The clapboard house sits off a gravel road on the outskirts of town, partly hidden behind a fence and a heaping pile of trash. Here, amid grassland that stretches for miles, ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Recently, npm, the essential package manager used by developers worldwide, suffered a massive supply chain attack. This ...

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Scotland thrash Bolivia and are in decent fettle one week out from the biggest game of their international lives.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...