The Google Threat Intelligence Group warns of the UNC3753 group. The attackers pose as IT technicians on-site to steal data ...

A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Cisco patched a Unified CM flaw allowing unauthenticated network attackers to write files and escalate to root.

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. The malware targets 86 environment variables (key-value pairs) and ...

Learn why Linux Kernel developers want to deprecate AF_ALG features, and the security concerns driving the decision.

OliveTin puts all my annoying server jobs behind browser buttons within easy reach.

Google is implementing a networking upgrade for Android that could make local file sharing and network access feel much more ...

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...