The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Anthropic’s AI turned Firefox and Windows software patches into exploits within hours, including one Windows proof-of-concept ...
SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
Attackers are increasingly abusing legitimate system utilities and widely used administrative tools to deliver malware, move through networks and avoid detection, forcing security teams to rethink ...
Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Ableton has launched the public beta of the Extensions Software Development Kit (SDK), an “experimental playground” and JavaScript toolkit that can be used to develop Extensions, customized tools, ...
Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...