Topic

#security

1557 articles found

npm Supply Chain Under Siege as New Malware Worms Emerge

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer "scrapes

#security

· about 1 hour ago· Graham Cluley

Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5

If you've ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a message for you: be very careful. Read more in my article on the Hot for Security blog.

#security

· about 3 hours ago· Cybersecurity Dive

Sprawling new House AI bill includes frontier model oversight, open-source security grants

The legislation has already drawn widespread criticism for its proposal to preempt state AI laws.

#ai#security#legislation#open-source#oversight

· about 3 hours ago· SecurityWeek

OWASP's New Tool Enables Rapid Detection and Resolution of Vulnerable Dependencies

CVE Lite CLI is a free, open-source command line tool that scans your projects in seconds and tells you exactly which included packages contain a vulnerability. The post OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds appeared first on SecurityWeek.

#security

· about 4 hours ago· Bleeping Computer

Critical US Gas Stations Exposed: Vulnerable Tank Gauges Leave Door Open to Hackers

Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks. [...]

#security

· about 5 hours ago· Bleeping Computer

What 2026 DBIR Confirms: Attacks Are Living in the Browser

Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. [...]

#security

· about 5 hours ago· The Hacker News

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to high confidence that the espionage-f

#security

· about 6 hours ago· SecurityWeek

In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA

Other noteworthy stories that might have slipped under the radar: Ultrahuman data leak, The Gentlemen ransomware analysis, Hola Browser bundles miner. The post In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA appeared first on SecurityWeek.

#security

· about 6 hours ago· Dark Reading

India to See Implications of US' New AI Model Regulation Push

The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.

#security

· about 7 hours ago· SecurityWeek

Chrome 149 Patches 429 Vulnerabilities

Over 100 bugs are critical or high-severity, mainly use-after-free and insufficient validation of untrusted input flaws. The post Chrome 149 Patches 429 Vulnerabilities appeared first on SecurityWeek.

#security

· about 7 hours ago· SecurityWeek

Hackers Leak DentaQuest Information Impacting 2.6 Million

The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator. The post Hackers Leak DentaQuest Information Impacting 2.6 Million appeared first on SecurityWeek.

#security

· about 7 hours ago· The Hacker News

Just 10% of SOCs Feel AI Delivers Exceptional Value; What’s Next?

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security

#security

· about 9 hours ago· SecurityWeek

Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday

Experts commented on the EO’s voluntary nature, the balance between innovation and security, and potential implementation gaps. The post Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek.

#security

· about 10 hours ago· SecurityWeek

Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities

Posing as recruiters on online platforms, Chinese intelligence officers target personnel with access to classified or privileged information. The post Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities appeared first on SecurityWeek.

#security

· about 10 hours ago· The Hacker News

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution b

#security

· about 11 hours ago· SecurityWeek

RCI nightclub chain confirms data breach impacting 40,000 customers

The company detected a network intrusion in March and an investigation showed that some files were stolen during the attack. The post Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals appeared first on SecurityWeek.

#security

· about 11 hours ago· Coinpedia

Zcash Trust Crisis Persists Despite Fix for Orchard Vulnerability

The post Zcash Orchard Vulnerability Is Fixed, but a Trust Crisis Remains as Supply Concerns Threaten ZEC Recovery appeared first on Coinpedia Fintech News Zcash (ZEC) price was defying the broader market weakness and appeared on track to reclaim the $700 mark before a critical vulnerability abruptl

#zcash#cryptocurrency#blockchain#security#trust-crisis

· about 13 hours ago· CoinDesk

Zcash plummets 30% as Shielded Labs reveals a major bug that went undetected for four years

Shielded Labs revealed that the bug could have helped an attacker print unlimited counterfeit tokens. That could have damaged trust in the token's supply and its value.

#zcash#crypto#blockchain#security#bug-bounty

· about 14 hours ago· Coinpedia

Zcash Bug: What Happened and Why ZEC is Falling Today

The post Zcash Bug: What Happened and Why ZEC is Falling Today appeared first on Coinpedia Fintech News Zcash ZEC price crashed today after founder Zooko Wilcox disclosed a critical vulnerability that could have allowed attackers to create unlimited counterfeit ZEC within the network’s Orchard shiel

#zcash#cryptocurrency#blockchain#security#price-crash

· about 17 hours ago· SANS Internet Storm

ISC Stormcast: Key Security Insights for June 5, 2026

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

#security#cybersecurity#threat-intelligence#incident-response

Page 1 of 78Next →