The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...
Cloud attacks are getting faster and deadlier - here's your best defense plan ...
Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft ...
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Google's Threat Intelligence Group (GTIG) has a new report out about a powerful iOS exploit kit called "Coruna," which traveled from a surveillance vendor's customer to a Russian espionage group to ...
An Android-specific malware targeting mobile device takeover appears to use generative AI (GenAI) services in its execution flows to maintain persistence on the victim’s smartphone, researchers at ...
As U.S.-backed negotiations between Russia and Ukraine in Geneva ended without a breakthrough, Kyiv made gains on the battlefield, recapturing territory at its fastest pace in years through localized ...
Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results