Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its effectiveness and a shift in how the cybercrime market operates. Microsoft has ...

Grafana Labs, the maker of its eponymous popular open source web visualization software, confirmed it had been hacked but that it refused to pay the hackers who had threatened to release the company’s ...

Apple supplier Foxconn has confirmed a cyberattack on several of its U.S. factories, after a ransomware group claimed to have stolen confidential Apple project files as part of the hack. The Nitrogen ...

Foxconn, a critical supplier for major hardware companies including Apple and Nvidia, confirmed Tuesday that a cyberattack struck its North American operations. And the group behind the attack claims ...

Ransomware continues to pose a serious threat to U.S. critical infrastructure, with more than 2,100 related incidents reported to federal authorities in 2025, according to the latest FBI Internet ...

If you've ever trusted your bank to keep your financial data safe, this incident will hit close to home. A behind-the-scenes tech company used by banks has revealed that more than 672,000 people had ...

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...