An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. [...]
Sent by a Spanish diplomat. Apparently people have been working on it since it was rediscovered in 1860.
The Litecoin network faced a security breach when a zero-day vulnerability triggered a 13-block reorganization, impacting several major mining pools. This disruption led to a temporary halt in...
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach...
The shift from static CVE scoring to risk-based prioritization signals a new era for Vulnerability Managers
AI vuln-hunter finds what humans taught it to find. Funny that
On Thursday, April 30 at 2:00 PM ET, BleepingComputer will host a live webinar with threat intelligence company Flare and threat intelligence researcher Tammy Harper, exploring how security teams...
Why decentralized identity will change authentication and trust across Europe
Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in "certain corporate IT systems." [...]
Siemens has announced significant expansions to its Industrial Edge ecosystem, accelerating data and AI integration and releasing enhanced... The post Siemens expands Industrial Edge to accelerate...
UK’s data watchdog confirms its boss has been off the job since February while an HR investigation runs The UK's data watchdog is without its chief after John Edwards stepped aside from the...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report on Firestarter after examining a... The post CISA, NCSC warn Firestarter malware enabling...
The U.K. National Cyber Security Centre (NCSC) developed intellectual property for a new cybersecurity device and licensed Goldilock... The post NCSC launches SilentGlass device to block...
22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive $230 million cryptocurrency heist. [...]
Three seconds of audio is all it takes to clone a voice for fraud. Adaptive Security shows how deepfake calls trick employees into sending real money—and why most defenses don't catch them. [...]
NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates,...
AI vuln-hunter finds what humans taught it to find. Funny that Opinion In retrospect, calling it Mythos made it a hostage to fortune. Anthropic may have hoped that the name implied its AI code...
Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. [...]
In April 2026, home security firm ADT confirmed a data breach by ShinyHunters, which listed the company on its website as part of a "pay or leak" extortion attempt. The breach impacted 5.5M unique...
Join us for this week's Kettle as we dive into GCN and the latest not-so-alarming revelations about Mythos KETTLE If you needed further evidence that AI comes first in pretty much everything...
The vulnerability exists in LiteLLM’s authentication flow, where the Authorization: Bearer header is directly concatenated into a SQL query without proper parameterization. This flaw allows...
In April 2026, online training company Udemy was the victim of a “pay or leak” extortion attempt perpetrated by the ShinyHunters group. The data was subsequently leaked publicly and contained 1.4M...
Cal.com considers AGPL a license to drill, but not everyone feels that way
Itron, Inc. has disclosed, via an 8-K filing with the U.S. Securities and Exchange Commission (SEC), a cybersecurity incident in which an unauthorized third party accessed certain internal systems. [...]
Cal.com considers AGPL a license to drill, but not everyone feels that way Opinion Cal.com has closed its commercial codebase, abandoning years of AGPL-3.0 licensing in a move that has alarmed the...
Cyber sovereignty is becoming clearer, and for critical infrastructure operators, that clarity could not have come soon enough,... The post Supply chain risk takes center stage in cyber...
The 31-year-old engineer and self-described indie game developer is suspected of firing shots at the annual event attended by President Donald Trump, high-profile media figures, and US government...
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's nuclear program by destroying uranium enrichment...
Microsoft says it's rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. [...]
Coming in cold with custom Snow malware