Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.

Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Fresh concerns have emerged over CBSE’s online portal after a 19-year-old cybersecurity researcher alleged vulnerabilities ...

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

An independent researcher highlights potential security weaknesses in the CBSE On-Screen Marking portal, raising questions about login, OTP, and data integrity during results season.

Nisarga Adhikary claimed he had hacked the CBSE website and identified serious lapses in the agency's On Screen Marking (OSM) system.

CBSE has responded to claims of security flaws in its On Screen Marking (OSM) system, denying any breach and assuring student data remains safe.

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. The vulnerability, tracked ...

A newly discovered supply-chain campaign called TrapDoor has planted more than 34 malicious packages across npm, PyPI and Crates.io to target crypto and cloud developers. The packages, disguised as ...