Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Startup Pi counts xAI as one of its first customers, as its AI agent looks to fix security vulnerabilities for the world’s ...

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

The decentralized identity project said attackers compromised the keys of a foundation member and are dumping the stolen H ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Christopher Nolan’s The Odyssey isn’t hitting theaters for another month or so, but if you’re already planning your trip to ...

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

Clicking a captcha "I am not a robot" box and identifying images to prove it is second nature for many internet users. Now, cybercriminals are exploiting people's comfort with the routine to scam them ...