A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

Sometime in late May 2026, a poisoned update slipped into the @antv family of JavaScript visualization libraries, the ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

In an ongoing cyberattack, hackers have compromised several popular open source projects that software developers all over the world rely on. On Tuesday, cybersecurity firms StepSecurity and SafeDep ...

is a high-performance Discord exploitation framework designed for silent IP/ISP tracking and network auditing. It utilizes sophisticated redirection techniques to bypass Discord's security filters, ...

Google identified the first zero-day exploit it believes was developed with AI and thwarted a planned mass exploitation event. The GTIG report documents state-sponsored actors from China, North Korea, ...

The May 2026 report from Google’s Threat Intelligence Group marks a definitive shift in the cybersecurity landscape. While previous assessments categorized AI-assisted cyberattacks as experimental, ...