Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

In fall, hoards of winter ticks latch on to New Hampshire’s moose — sometimes upward of 50,000 per adult animal.

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

The comments on some Steam Profiles are actually loaded with invisible malware.

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...

For more than 25 years, Fortinet has proven that long-term technological leadership is inseparable from fiscal resilience.

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. On Monday, hackers hit Red Hat’s NPM repository in a new supply chain attack, ...