Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

OpenAI's Codex desktop app now controls your Mac, runs its own browser, and generates images in a new update released today.

Axios, a widely used JavaScript library, is affected by a new critical vulnerability that enables attackers to chain exploits ...

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

This report discloses a high-severity item duplication exploit targeting CMI's shulker box quick-open functionality. The exploit can be triggered using client-side Litematica (projection/schematic mod ...

A six-month intelligence operation preceded the $270 million exploit of Drift Protocol and was carried out by a North Korean state-affiliated group, according to a detailed incident update published ...

The next wave of AI-powered cybersecurity attacks will be like nothing we’ve seen before. That’s the message AI company Anthropic sent in a leaked blog post last week, in which it warned that its ...

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never ...