News • Insights • Analysis
There’s a huge hole and no one is patching it thus far. A critical, remote code execution (RCE) bug in Gogs, a popular open-source self-hosted Git service, can be exploited by any authenticated user – no special privileges required – Read More …
OpenAI says attackers behind the TanStack npm supply chain compromise stole internal credentials after reaching two employee devices, forcing the company to rotate signing certificates for several desktop products. The company disclosed this week that it had been caught up in the Read More …
An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft, self-propagation, and complete disk wipe of an infected host. The attack is part of a wave of attacks across npm and PyPI, Read More …
Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations to the industrial-scale application of generative models within adversarial workflows. This report, based on insights Read More …
Instructure, the edtech giant behind the popular Canvas learning system, has confirmed suffering a cyberattack and losing sensitive customer data. The company issued a brief statement, confirming the hit, “While our investigation continues alongside our outside forensics experts, at this Read More …
In early May 2026, Kaspersky researchers identified installers of the DAEMON Tools software, used for mounting disk images, to be compromised with a malicious payload. These installers are distributed from the legitimate website of DAEMON Tools and are signed with Read More …
In previous research, Trend Micro have demonstrated how AI can be used to improve detection accuracy when new malware families emerge, particularly those that reuse or share code from open-source repositories. In this blog entry, Trends Micro researchers present another Read More …
Void Dokkaebi, also tracked as Famous Chollima, is a North Korea-aligned intrusion set that systematically targets software developers who hold cryptocurrency wallet credentials, signing keys, and access to continuous integration/continuous delivery (CI/CD) pipelines and production infrastructure. As previously documented by Read More …
In late March 2026open on a new tab, Anthropic inadvertently released the internal Claude Code source material as part of an npm package that included a large internal source map file. Although the incident stemmed from a simple packaging mistake, Read More …
Southeast Asian governments were recently targeted by a highly sophisticated supply chain attack as part of a wider cyber-espionage campaign, which experts believe is the work of the Chinese government. Security researchers Check Point detailed their findings on Operation TrueChaos, Read More …
