The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and sophisticated than previously ...

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by ...

在开源生态高度繁荣的今天，一行代码、一个权限、一款插件，都可能成为引爆供应链安全危机的导火索。本文作者亲历了自己维护 8 年的知名开源项目 Neutralinojs 遭遇恶意攻击，且他的经历并非个例，而是一个典型信号：供应链攻击已经从“攻击代码”，演变为“攻击信任关系”。它不再依赖传统Bug，而是潜伏在协作者权限、开发流程乃至 AI 插件生态之中，悄无声息地发生。 很多时候，我们总是担心想象中的风 ...

Synthesizing the Top 10 AI Questions of 2024–2026 - I was recently struck by a capability in the pro version of Gemini ...

Google has released an emergency update to its popular Chrome web browser — and this isnot an update that you can afford to ...

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.