A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

In an ongoing cyberattack, hackers have compromised several popular open source projects that software developers all over the world rely on. On Tuesday, cybersecurity firms StepSecurity and SafeDep ...

A security researcher has released an exploit targeting a Windows vulnerability disclosed in 2020, warning that it might have never been patched. The flaw, tracked as CVE-2020-17103 (CVSS score of 7.0 ...

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...

Apple's operating systems are known for their security, especially compared to their rivals in mobile and computing. Now, security researchers from a Palo Alto-based company called Calif claim they ...

Decentralized cross-chain liquidity protocol THORChain was exploited for roughly $10.8 million on Friday, with the attack affecting deployments across four different blockchains. In response, the ...

THORChain, the decentralized cross-chain liquidity protocol that enables swaps between major blockchain networks, appears to have been exploited for approximately $11 million across Bitcoin, Ethereum, ...