Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud…
Latest Cybersecurity News — Page 126
View all →
pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk
The npm ecosystem has long been a target for supply chain attacks, where threat actors exploit the open nature of public package registries to push…
Platform Engineering: The Rise of a Disciplinary Rethink
For years, organizations have celebrated the developer as the engine of innovation. They have invested in faster laptops, refined IDEs (Integrated Development Environments), and sprawling…
Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup
A new security finding reveals that Microsoft Edge loads every saved password into its process memory as cleartext the moment the browser launches. Even more…
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Ravie LakshmananMay 04, 2026Malware / Network Security The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in…
Defender yanks root certs as Windows updates blocks backups
Microsoft has had users wondering what it was trying to achieve this week, following an update to its Defender anti-malware tool for Windows that removed…
DigiCert Revokes Certificates After Support Portal Hack
DigiCert last week announced that certificates fraudulently obtained from its internal support portal after a cyberattack were revoked. The attack, the company said in a…
Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940
Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940 Pierluigi Paganini May 04, 2026 Attackers exploit a critical cPanel flaw to target government and…
Arxis implements APRA-aligned resilience framework for Credit Union SA
Arxis says it has implemented an APRA-aligned operational resilience framework for Credit Union SA, as mutuals and other smaller financial institutions face growing regulatory and…
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
What a review might mean Pre-release evaluation of AI models is not a new idea, but it remains poorly defined in the US policy context.…
Elastic Conversational Entity Analytics for threat hunting — Elastic Security Labs
Entity Analytics is a core security analytics capability that extends Elastic Security from event-centric to entity-centric investigation. By focusing on critical entities, such as users,…
Weaver E-cology critical bug exploited in attacks since March
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. The attacks started five days…