Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...
GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.
A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...
Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. The ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results