Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

In its geostrategic global competition with the United States, China utilizes a mixture of instruments to expand its footprint and advance its interests. These can be measured in four categories: ...

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Vivian Wilson, the estranged daughter of Elon Musk, cut an interview short after a reporter praised her billionaire father.

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Trans people are not going to disappear. We will keep showing up – in our workplaces, our communities, our gyms and public bathrooms – because we belong there, and we always have.

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.

A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...