Three malicious npm packages are targeting JavaScript developers to steal browser logins, API keys, and cryptocurrency wallet data. The packages, named bitcoin-main-lib, bitcoin-lib-js, and bip40,…
Security teams spend a lot of time stitching together checks across container images, running workloads, and deployment pipelines. The work often happens under time pressure,…
Australian insurance provider Prosura is investigating a cyber incident after detecting unauthorized access to parts of its internal systems, which has resulted in fraudulent emails…
Vulnerabilities in a very popular Bluetooth system-on-a-chip (SoC) can be used to indirectly compromise smartphones, researchers at Germany’s Enno Rey Netzwerke (ERNW) have found. Devices…
Jan 08, 2026Ravie LakshmananVulnerability / KEV Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and…
Many voice protection tools promise to block cloning by adding hidden noise to speech. Researchers at a Texas university found that widely used voice protection…
In the world of modern software engineering, deploying an application to production is no longer the finish line, it’s the beginning of an entirely new…
Hackers are exploiting VMware ESXi instances in the wild with a zero-day exploit toolkit that chains multiple vulnerabilities for VM escapes. Cybersecurity firm Huntress disrupted…
China’s state-sponsored cyber operations against Taiwan have intensified dramatically, with threat actors launching an average of 2.63 million intrusion attempts daily targeting critical infrastructure across…
LockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following…
A slowly unfolding high profile data breach affecting trans-Tasman health information portal ManageMyHealth has thousands of registered patients on edge as to whether their highly…
ToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The…
