#cybersecurity
#cybersecurity

1 hour ago

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack

A sophisticated supply chain attack targets organizations through malicious code in Daemon Tools software, affecting multiple countries and sectors.

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A supply chain attack on DAEMON Tools has compromised installers to deliver malicious payloads, affecting users globally since April 2026.

1 hour ago

Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack

A sophisticated supply chain attack targets organizations through malicious code in Daemon Tools software, affecting multiple countries and sectors.

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A supply chain attack on DAEMON Tools has compromised installers to deliver malicious payloads, affecting users globally since April 2026.

more#supply-chain-attack

fromExchangewire

1 hour ago

Digest: US Rethinks AI Safety Stance; Omnicom Data Chief Steps Down; Image AI Models Outpace Chatbots in App Growth

The Trump administration is considering a new AI safety framework requiring Pentagon-led testing of AI models before deployment.

2 hours ago

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

A critical buffer overflow vulnerability in Palo Alto Networks' PAN-OS allows unauthenticated remote code execution, affecting specific firewall versions.

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is addressing a critical zero-day vulnerability in PAN-OS affecting certain firewall models, allowing unauthorized code execution.

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A new threat actor targets Southeast Asian government and military entities by exploiting a critical cPanel vulnerability.

4 hours ago

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is addressing a critical zero-day vulnerability in PAN-OS affecting certain firewall models, allowing unauthorized code execution.

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A new threat actor targets Southeast Asian government and military entities by exploiting a critical cPanel vulnerability.

India orders infosec red alert in case Mythos sparks crime

India's Securities and Exchange Board urges immediate review of information security systems due to potential risks from AI-driven vulnerability identification tools.

fromFortune

14 hours ago

Jamie Dimon and Dario Amodei sidestep question about whether the AI cyber 'freakout' is warranted | Fortune

AI-enabled cyberattacks pose significant risks, with industry leaders acknowledging the potential dangers while discussing preparedness and solutions.

fromwww.aljazeera.com

Microsoft, Google, xAI give US access to AI models for security testing

The US government will evaluate AI models from tech giants for national security testing amid rising concerns over AI capabilities.

Singapore boffins get diverse SIEMs singing in harmony

A new technique translates security rules across multiple SIEMs, simplifying cyber-defense for organizations with diverse systems.

fromComputerWeekly.com

UK's NCSC warns of 'wave of patches' | Computer Weekly

AI-driven vulnerability discovery may lead to significant software updates and corrections in response to technical debt across organizations.

EU data protection

fromTNW | Eu

Why the EU is now demanding access to Anthropic's Mythos

Anthropic's Mythos AI model can identify zero-day vulnerabilities, raising geopolitical concerns and prompting discussions among European finance ministers.

7 hours ago

India orders infosec red alert in case Mythos sparks crime

India's Securities and Exchange Board urges immediate review of information security systems due to potential risks from AI-driven vulnerability identification tools.

fromFortune

14 hours ago

Jamie Dimon and Dario Amodei sidestep question about whether the AI cyber 'freakout' is warranted | Fortune

AI-enabled cyberattacks pose significant risks, with industry leaders acknowledging the potential dangers while discussing preparedness and solutions.

fromwww.aljazeera.com

Microsoft, Google, xAI give US access to AI models for security testing

The US government will evaluate AI models from tech giants for national security testing amid rising concerns over AI capabilities.

Singapore boffins get diverse SIEMs singing in harmony

A new technique translates security rules across multiple SIEMs, simplifying cyber-defense for organizations with diverse systems.

fromComputerWeekly.com

UK's NCSC warns of 'wave of patches' | Computer Weekly

AI-driven vulnerability discovery may lead to significant software updates and corrections in response to technical debt across organizations.

EU data protection

fromTNW | Eu

Why the EU is now demanding access to Anthropic's Mythos

Anthropic's Mythos AI model can identify zero-day vulnerabilities, raising geopolitical concerns and prompting discussions among European finance ministers.

more#ai

fromInside Higher Ed | Higher Education News, Events and Jobs

8 hours ago

"PAY OR LEAK": Hackers Target Big Higher Ed Vendor

Higher education institutions are increasingly targeted by cybercriminals, with a recent breach affecting 275 million individuals through a third-party vendor.

Why Trained Employees Are Still Falling for Phishing Attacks

AI-generated phishing messages are increasingly sophisticated, making them harder to detect and leading employees to fall for them despite training.

35,000 Users Targeted in Phishing Campaign in Just Two Days

A sophisticated phishing campaign targeted over 35,000 users across 13,000 organizations in 26 countries, primarily in the U.S.

Information security

Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts

Information security

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

An active phishing campaign using legitimate RMM software has targeted over 80 organizations since April 2025, enabling persistent remote access.

New Bluekit Phishing Kit Features AI Assistant

Bluekit is a sophisticated phishing kit with AI capabilities, automated domain registration, and extensive templates for various online services.

fromEntrepreneur

Why Trained Employees Are Still Falling for Phishing Attacks

AI-generated phishing messages are increasingly sophisticated, making them harder to detect and leading employees to fall for them despite training.

35,000 Users Targeted in Phishing Campaign in Just Two Days

A sophisticated phishing campaign targeted over 35,000 users across 13,000 organizations in 26 countries, primarily in the U.S.

Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts

Hackers exploited Google AppSheet to send phishing emails, compromising 30,000 Facebook accounts globally.

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

Microsoft warns of a phishing campaign using a 'code of conduct review' theme targeting organizations in the US.

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

An active phishing campaign using legitimate RMM software has targeted over 80 organizations since April 2025, enabling persistent remote access.

New Bluekit Phishing Kit Features AI Assistant

Bluekit is a sophisticated phishing kit with AI capabilities, automated domain registration, and extensive templates for various online services.

How AI Agents Are Creating a New Kind of Security Risk

Autonomous agents increase organizational attack surfaces by accessing sensitive data without human oversight or adequate security controls.

Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

A minimalistic backdoor and a complex backdoor called QUIC RAT were identified in targeted attacks on various organizations.

Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in 'widespread' attack | TechCrunch

A backdoor in Daemon Tools has been identified, allowing hackers to target thousands of Windows computers and plant additional malware.

22 hours ago

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A new .NET trojan and Pheno plugin exploit Microsoft's Phone Link to capture mobile authentication codes from Windows systems without compromising phones.

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

A new Python-based backdoor framework, Deep#Door, enables persistent remote command execution and surveillance on Windows systems.

fromArs Technica

13 hours ago

Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

A minimalistic backdoor and a complex backdoor called QUIC RAT were identified in targeted attacks on various organizations.

Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in 'widespread' attack | TechCrunch

A backdoor in Daemon Tools has been identified, allowing hackers to target thousands of Windows computers and plant additional malware.

22 hours ago

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A new .NET trojan and Pheno plugin exploit Microsoft's Phone Link to capture mobile authentication codes from Windows systems without compromising phones.

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

A new Python-based backdoor framework, Deep#Door, enables persistent remote command execution and surveillance on Windows systems.

Edge browser leaves passwords exposed in plain text, says researcher

Microsoft's lack of response to security issues is criticized as a failure to take responsibility.

Privacy professionals

15 hours ago

10 years after OPM data breach, identity protection benefits for affected feds start to expire

Identity theft protection services for federal workers affected by the 2015 OPM breach are expiring, marking the end of a decade-long federal response.

Washington DC

15 hours ago

Trump admin floats policy language limiting contractor say on agency uses of technology

The federal government is drafting policies to clarify its control over private sector technology use without external stipulations.

Digital life

fromAbove the Law

17 hours ago

Your Clients Have Estate Plans. Their Digital Lives Probably Don't. - Above the Law

Digital assets require careful planning in estate management to prevent financial disruption and loss of important data for families after death.

CISA unveils CI Fortify to help secure critical infrastructure during conflicts

CISA launched the CI Fortify project to help critical infrastructure defend against hackers and ensure continuity during geopolitical conflicts.

Information security

IBM security executive emerges as possible contender to lead CISA

Information security

Windows shell spoofing vulnerability puts sensitive data at risk

17 hours ago

CISA unveils CI Fortify to help secure critical infrastructure during conflicts

CISA launched the CI Fortify project to help critical infrastructure defend against hackers and ensure continuity during geopolitical conflicts.

Information security

IBM security executive emerges as possible contender to lead CISA

Information security

Windows shell spoofing vulnerability puts sensitive data at risk

more#cisa

Privacy professionals

Exclusive: What the Celebrity Stalkerware Breach Means for Executive Protection

A data exposure involving stalkerware targeted a celebrity, revealing sensitive information and highlighting risks for executives using personal devices for business.

17 hours ago

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

A China-nexus APT group, UAT-8302, targets government entities in South America and southeastern Europe using advanced malware like NosyDoor.

'CopyFail' attackers start cashing in on Linux flaw

A critical Linux kernel bug, CVE-2026-31431, allows low-level users to gain full control of systems, prompting urgent patching efforts.

Exploitation of 'Copy Fail' Linux Vulnerability Begins

A recently disclosed Linux kernel vulnerability allows root shell access, prompting urgent patching by federal agencies.

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

A critical Linux vulnerability allows unprivileged users to gain root access, impacting various distributions and requiring immediate patching.

'CopyFail' attackers start cashing in on Linux flaw

A critical Linux kernel bug, CVE-2026-31431, allows low-level users to gain full control of systems, prompting urgent patching efforts.

Exploitation of 'Copy Fail' Linux Vulnerability Begins

A recently disclosed Linux kernel vulnerability allows root shell access, prompting urgent patching by federal agencies.

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

A critical Linux vulnerability allows unprivileged users to gain root access, impacting various distributions and requiring immediate patching.

Privacy professionals

Hackers steal students' data during breach at education tech giant Instructure | TechCrunch

Information security

Trellix reports data breach following unauthorized access to source code repository

fromFast Company

Your architecture is the ceiling on your AI strategy. Here's how to raise it in 90 days

A data breach at Vercel occurred due to an employee's use of a compromised AI tool, highlighting risks in legacy architectures for AI deployment.

Information security

Trellix Source Code Repository Breached

Information security

Canvas Breach May Put 275M Users, 9,000 Schools at Risk

Information security

Instructure, Parent of Canvas, Confirms Data Breach

Privacy professionals

19 hours ago

Hackers steal students' data during breach at education tech giant Instructure | TechCrunch

Instructure confirmed a data breach involving students' private information, claimed by the hacking group ShinyHunters.

Trellix reports data breach following unauthorized access to source code repository

Unauthorized access to Trellix's source code repository has been confirmed, prompting an investigation with external forensics support.

fromFast Company

Your architecture is the ceiling on your AI strategy. Here's how to raise it in 90 days

A data breach at Vercel occurred due to an employee's use of a compromised AI tool, highlighting risks in legacy architectures for AI deployment.

Trellix Source Code Repository Breached

Trellix experienced a breach of its source code repository but found no evidence of exploitation or impact on its source code distribution process.

Canvas Breach May Put 275M Users, 9,000 Schools at Risk

Instructure confirmed a Canvas breach affecting user information and messages, with hackers claiming 275 million users and nearly 9,000 schools impacted.

Instructure, Parent of Canvas, Confirms Data Breach

Instructure confirmed a cyberattack affecting data from approximately 9,000 schools, with ShinyHunters claiming responsibility for the breach.

The Back Door Attackers Know About - and Most Security Teams Still Haven't Closed

OAuth tokens persist without expiration, creating significant security risks that many organizations fail to monitor effectively.

20 hours ago

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Ollama deployments are vulnerable to sensitive information theft due to a critical unauthenticated vulnerability affecting approximately 300,000 servers.

21 hours ago

ShinyHunters claims 119K Vimeo emails in the wild

Over 119,000 Vimeo users' email addresses were compromised due to a breach linked to a third-party analytics vendor.

22 hours ago

Popular Daemon Tools utility exploited in supply chain attack

Daemon Tools' official website is distributing trojanized installers, enabling a supply chain attack with remote control capabilities since April 8th.

#ai-governance

23 hours ago

New frontier of AI forces Trump's heavy hand

New AI models are prompting significant changes in cybersecurity oversight from the White House and federal agencies.

fromAdExchanger

Who Actually Owns AI Governance? | AdExchanger

AI governance is increasingly falling on privacy professionals, complicating existing governance structures and responsibilities.

23 hours ago

New frontier of AI forces Trump's heavy hand

New AI models are prompting significant changes in cybersecurity oversight from the White House and federal agencies.

fromAdExchanger

Who Actually Owns AI Governance? | AdExchanger

AI governance is increasingly falling on privacy professionals, complicating existing governance structures and responsibilities.

Trojan abuses Microsoft Phone Link app to steal your passwords

CloudZ Trojan targets Microsoft Phone Link to steal sensitive information through a plugin, posing a significant threat to users.

MetInfo, Weaver E-cology Vulnerabilities in Attackers' Crosshairs

Threat actors exploit critical vulnerabilities in MetInfo and Weaver E-cology for remote code execution without authentication.

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

A North Korea-aligned hacking group compromised a gaming platform to target ethnic Koreans in China using a backdoor called BirdCall.

fromwww.dw.com

Information security

North Korea rejects US cybercrime claims as 'absurd slander'

23 hours ago

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

A North Korea-aligned hacking group compromised a gaming platform to target ethnic Koreans in China using a backdoor called BirdCall.

fromwww.dw.com

Information security

North Korea rejects US cybercrime claims as 'absurd slander'

NHS to close-source GitHub repos over AI, security concerns

NHS is temporarily privatizing open source projects due to AI-related cybersecurity concerns.

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

A large-scale credential theft campaign targeted over 35,000 users using legitimate email services and code of conduct-themed lures.

The Art of Security: It Is Time to Rethink the CISO's Role

Businesses must transform the role of the CISO from a technical manager to a strategic leader in cybersecurity.

#eu

fromGSMArena.com

Mobile UX

EU advises member states against using Chinese networking equipment

Europe politics

fromwww.theguardian.com

EU forging closer ties with Armenia as it sends experts to help counter Russian interference

The EU is deploying experts to Armenia to combat Russian propaganda and support the country during a critical political period.

fromGSMArena.com

Mobile UX

EU advises member states against using Chinese networking equipment

Europe politics

fromwww.theguardian.com

EU forging closer ties with Armenia as it sends experts to help counter Russian interference

The EU is deploying experts to Armenia to combat Russian propaganda and support the country during a critical political period.

Ripple Shares DPRK Threat Data on Fraud Domains, Wallets, Campaigns

Ripple will provide DPRK-linked threat intelligence to Crypto ISAC to enhance security screening for crypto firms.

#ai-security

Trump administration considering safety review for new AI models

The White House is developing an AI security framework to assess vulnerabilities before public deployment of advanced AI models.

Indirect Prompt Injection Is Now a Real-World AI Security Threat

AI agents are vulnerable to prompt injection attacks, leading to data breaches and security risks in enterprise systems.

Cloudflare: Attackers are deceiving AI models with prompt injection

Attackers increasingly use prompt injection to manipulate AI models, influencing decision-making with simple text fragments.

Trump administration considering safety review for new AI models

The White House is developing an AI security framework to assess vulnerabilities before public deployment of advanced AI models.

Indirect Prompt Injection Is Now a Real-World AI Security Threat

AI agents are vulnerable to prompt injection attacks, leading to data breaches and security risks in enterprise systems.

Cloudflare: Attackers are deceiving AI models with prompt injection

Attackers increasingly use prompt injection to manipulate AI models, influencing decision-making with simple text fragments.

Operational technology providers are feeling 'annoyance' at exclusion from Anthropic's Mythos rollout, sources say

Operational technology providers seek access to Anthropic's Mythos model for cybersecurity, citing exclusion from initial rollout affecting critical infrastructure.

#ransomware

Privacy professionals

Sandhills Medical Foundation Notified Individuals of a May 2025 Data Breach

Information security

Cybersecurity Professionals Sentenced to Prison for Ransomware Attacks

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Two cybersecurity experts were sentenced to four years in prison for their involvement in ransomware attacks.

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

Two cybersecurity professionals were sentenced to four years for facilitating BlackCat ransomware attacks in 2023.

Privacy professionals

Sandhills Medical Foundation Notified Individuals of a May 2025 Data Breach

Information security

Cybersecurity Professionals Sentenced to Prison for Ransomware Attacks

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Two cybersecurity experts were sentenced to four years in prison for their involvement in ransomware attacks.

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

Two cybersecurity professionals were sentenced to four years for facilitating BlackCat ransomware attacks in 2023.

The future of IT service delivery is built on AI and automation

The traditional IT playbook is ineffective due to tool sprawl and operational inefficiencies, necessitating a more connected IT ecosystem.

Hackers are still exploiting the cPanel bug to gain control of thousands of websites | TechCrunch

Hackers are actively exploiting a critical vulnerability in cPanel and WHM, affecting over 550,000 servers and leading to numerous compromises.

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have been compromised due to a critical cPanel zero-day vulnerability, CVE-2026-41940, allowing unauthorized administrative access.

Critical cPanel exploited: 'Millions' of sites could be hit

CISA has identified a critical cPanel vulnerability being actively exploited, allowing attackers full server control.

Hackers are still exploiting the cPanel bug to gain control of thousands of websites | TechCrunch

Hackers are actively exploiting a critical vulnerability in cPanel and WHM, affecting over 550,000 servers and leading to numerous compromises.

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have been compromised due to a critical cPanel zero-day vulnerability, CVE-2026-41940, allowing unauthorized administrative access.

Critical cPanel exploited: 'Millions' of sites could be hit

CISA has identified a critical cPanel vulnerability being actively exploited, allowing attackers full server control.

The Coming Wave of Large-Scale Al-Enabled Cyberattacks

AI is transforming cybersecurity, empowering attackers with advanced capabilities that challenge traditional defenses.

Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Cyber attackers are increasingly exploiting vulnerabilities in SaaS environments, using sophisticated methods like vishing for data theft and control over systems.

fromInfoQ

Cloudflare Processes 10M+ Daily Insights with New Security Overview Dashboard

Cloudflare's new Security Overview dashboard consolidates security signals into actionable insights, prioritizing vulnerabilities for efficient risk management.

Cybersecurity M&A Roundup: 33 Deals Announced in April 2026

Airbus has entered into an agreement to acquire Quarkslab, a French cybersecurity company founded in 2011 with approximately 100 employees. The transaction is part of Airbus' broader strategy to build sovereign cybersecurity capabilities across Europe.

Information security

DigiCert Revokes Certificates After Support Portal Hack

DigiCert revoked certificates fraudulently obtained through a cyberattack targeting its support portal, affecting multiple customer accounts.

2026: The Year of AI-Assisted Attacks

AI-assisted tools are enabling non-technical individuals to conduct sophisticated cybercrimes, significantly increasing the frequency and severity of attacks.

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

A China-based cybercrime group is targeting organizations in Russia and India with a new malware called ABCDoor via phishing emails.

2026: The Year of AI-Assisted Attacks

AI-assisted tools are enabling non-technical individuals to conduct sophisticated cybercrimes, significantly increasing the frequency and severity of attacks.

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

A China-based cybercrime group is targeting organizations in Russia and India with a new malware called ABCDoor via phishing emails.

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

OpenAI introduces Advanced Account Security for ChatGPT users to enhance protection against targeted hacking attacks.

Privacy technologies

OpenAI Introduces Password-Free Login for Millions of ChatGPT Users

OpenAI's Advanced Account Security replaces passwords with passkeys or security keys, enhancing protection against cyberattacks but limiting recovery options.

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

OpenAI introduces Advanced Account Security for ChatGPT users to enhance protection against targeted hacking attacks.

Privacy technologies

fromwww.businessinsider.com

OpenAI Introduces Password-Free Login for Millions of ChatGPT Users

OpenAI's Advanced Account Security replaces passwords with passkeys or security keys, enhancing protection against cyberattacks but limiting recovery options.

more#account-security

Business

Berkshire Hathaway's first Q&A without Warren Buffett opened with a question from a deepfake Warren Buffett

Warren Buffett's likeness was used in a deepfake at Berkshire Hathaway's annual meeting to discuss the risks of cyberattacks and misinformation.

Privacy technologies

fromHarvard Gazette

Worried about how online firms use data they get from you? - Harvard Gazette

Keyring wallet allows users to verify identity while controlling personal information and reducing vulnerability to identity theft.

Ubuntu services hit by outages after DDoS attack | TechCrunch

Hacktivists launched a DDoS attack on Ubuntu and Canonical, disrupting services and preventing users from updating the operating system.

Pro-Iran group turns Ubuntu DDoS into shakedown

Canonical's web infrastructure is under a sustained DDoS attack by the pro-Iran hacktivist group 313 Team.

Ubuntu services hit by outages after DDoS attack | TechCrunch

Hacktivists launched a DDoS attack on Ubuntu and Canonical, disrupting services and preventing users from updating the operating system.

Pro-Iran group turns Ubuntu DDoS into shakedown

Canonical's web infrastructure is under a sustained DDoS attack by the pro-Iran hacktivist group 313 Team.

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

A new China-aligned espionage campaign targets government and defense sectors in Asia and Europe, exploiting vulnerabilities in Microsoft Exchange and IIS servers.

5 days ago

New Global Scam Uses Fake Meeting Links to Run PowerShell Malware

BlueNoroff hackers exploit fake Zoom calls and fileless malware to steal credentials from Web3 and cryptocurrency organizations.

fromwww.theguardian.com

Pentagon plans to make US military AI-first fighting force' by pairing with companies

The Pentagon has partnered with seven AI companies to enhance military capabilities and decision-making through advanced technology.

OpenAI locks GPT-5.5-Cyber behind velvet rope

OpenAI is releasing GPT-5.5-Cyber to select cyber defenders to enhance security for critical systems.

fromDeveloper Tech News

Open-source registries hit by 'Mini Shai-Hulud' supply chain attacks

The 'Mini Shai-Hulud' worm targets developer credentials across multiple ecosystems, exploiting vulnerabilities in popular packages to steal sensitive information.

Growth hacking