Security researchers found malicious code buried inside more than 30 of Red Hat's official software packages, built to ...

The tool gathered over 29,000 downloads before the malicious npm package was identified ...

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, ...

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

A security researcher has released an exploit targeting a Windows vulnerability disclosed in 2020, warning that it might have never been patched. The flaw, tracked as CVE-2020-17103 (CVSS score of 7.0 ...

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

Apple's operating systems are known for their security, especially compared to their rivals in mobile and computing. Now, security researchers from a Palo Alto-based company called Calif claim they ...

Decentralized cross-chain liquidity protocol THORChain was exploited for roughly $10.8 million on Friday, with the attack affecting deployments across four different blockchains. In response, the ...