3+ hour, 47+ min ago  (256+ words) This supply chain campaign specifically targets developers operating within Chinese enterprise. NET ecosystems, exposing tens of thousands of developer workstations and CI/CD build servers to the risk of credential and crypto wallet theft. The malicious packages are designed to…...

1+ day, 20+ min ago  (270+ words) Palo Alto Networks is actively working on security patches for a critical PAN-OS zero-day vulnerability. Tracked as CVE-2026-0300, this critical flaw is described as a buffer overflow affecting the User-ID Authentication Portal, also known as the Captive Portal service. The…...

3+ day, 6+ hour ago  (588+ words) Norton VPN has unveiled a new product aimed at the growing ecosystem of AI-powered tools, positioning itself early in what could become a competitive space. The company describes its latest offering, "VPN for Agents," as the first solution built specifically…...

4+ day, 21+ hour ago  (184+ words) Where systems operate at scale, there is a supply chain. It surfaced repeatedly as the entry point across incidents. The Itron incident showed a breach contained before reaching operational infrastructure. Activity relied on everyday user actions rather than complex exploits....

1+ week, 3+ day ago  (236+ words) Itron, Inc. , a prominent supplier of energy and water resource management solutions, has officially disclosed a cybersecurity incident involving unauthorized access to its internal IT network. The Itron IT breach was observed on April 13, 2026, according to an 8-K filing with…...

1+ week, 6+ day ago  (211+ words) The threat actors hijack Discord, Slack, Microsoft 365 Outlook, and file. io for command-and-control (C2) communications. The Gopher Whisper malware ecosystem relies heavily on payloads developed in the Go programming language, a We Live Security by ESET report released today said. The…...

2+ week, 1+ hour ago  (242+ words) Discovered in March 2026 by ZScaler security researchers, this operation targets Chinese-speaking individuals across Taiwan, South Korea, and Japan." The attack sequence begins with a malicious ZIP archive containing trojanized military documents and legitimate-looking decoys. Specifically, the threat actors modified the…...

2+ week, 19+ hour ago  (307+ words) Meta is deploying new internal monitoring tools to accelerate its artificial intelligence (AI) development. Through a program called the Model Capability Initiative (MCI), the technology firm is installing Meta tracking software on the computers of its U. S. -based staff. This software captures…...

2+ week, 2+ day ago  (261+ words) Mastodon developers confirmed that their flagship server experienced a severe distributed denial-of-service (DDo S) attack on Monday morning. The influx of malicious web traffic overwhelmed the primary instance, leaving many users unable to load the site or interact with their feeds....

3+ week, 1+ day ago  (244+ words) A severe website security breach has compromised dozens of open-source extensions, exposing thousands of active installations to malicious payloads. Following a corporate acquisition, a highly coordinated supply chain attack introduced a Word Press plugin backdoor into tools previously maintained by…...