GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Researcher Haifei Li, founder of the exploit detection platform EXPMON, discovered a sophisticated attack that uses PDF files to spy on and potentially ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

最近相次いで人気ライブラリがサプライチェーン攻撃の被害を受けている。3月24日には、人気のPythonパッケージ「LiteLLM」も被害を受けた。LiteLLMは、ChatGPTやGemini、Claudeなど人気のAPIを手軽に切り替えて使えるとい ...

A credit card skimmer campaign discovered in early 2025 and still actively tracked as of April 2026 has compromised an ...

A critical security vulnerability in Adobe Reader is being actively exploited by cybercriminals through a sophisticated and evolving ...

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.

Cyber attackers are abusing the low-code automation platform n8n to push malware and track targets through phishing emails, in a campaign that security researchers say gathered pace between October ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...