Malicious npm package downloaded 676 times stole Claude AI files via GitHub uploads, increasing AI-driven malware risks.

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android ...

Gitea flaw CVE-2026-27771 exposed private container images across 30,000 deployments, risking unauthorized access worldwide.

Nimbus Manticore used AI-assisted MiniFast malware in 2026 campaigns, expanding espionage through SEO poisoning and phishing.

Microsoft uncovered 150+ AI-assisted cryptojacking domains using fake software downloads to deploy persistent malware.

Microsoft released fixes for SharePoint remote code execution vulnerability CVE-2026-45659 with a CVSS score of 8.8.

CERT-In ordered 12-hour patching for critical internet-facing flaws as AI-driven attacks accelerate cyber exploitation.

MFA prompt bombing enabled Cisco attackers to steal 2.8GB in 2022, exposing push MFA weaknesses and account takeover risks.

MuddyWater targeted 9 organizations in 9 countries during Q1 2026, using DLL side-loading to steal data and evade detection.

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

CVE-2026-48172 lets cPanel users run scripts as root, affecting LiteSpeed plugin 2.3–2.4.4 and exposing servers.