- npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
- Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
- Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
- Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
- First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
- Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
- Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
- Making Vulnerable Drivers Exploitable Without Hardware – The BYOVD Perspective
- Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
- CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
- Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
- Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
- ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
