- PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
- ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
- New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
- New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
- Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
- SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
- New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
- Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
- What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
- Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
- CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
- LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
- Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
- Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
