Browsing: Cybersecurity

The State of Trusted Open Source Report

Cybersecurity April 5, 2026

In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer…

Click, wait, repeat: Digital trust erodes one login at a time

Cybersecurity April 5, 2026

Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a…

Axios npm hack used fake Teams error fix to hijack maintainer account

Cybersecurity April 5, 2026

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was…

T-Mobile Sets the Record Straight on Latest Data Breach Filing

Cybersecurity April 4, 2026

T-Mobile USA has provided clarification on a recent data breach notification, stating that it was triggered by an insider incident…

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Cybersecurity April 4, 2026

Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that…

Microsoft releases open-source toolkit to govern autonomous AI agents

Cybersecurity April 4, 2026

AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each…

Device code phishing attacks surge 37x as new kits spread online

Cybersecurity April 4, 2026

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37…

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Cybersecurity April 4, 2026

A threat actor has been exploiting vulnerable Next.js applications to compromise systems and exfiltrate credentials at scale, Cisco’s Talos security…

Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture

Cybersecurity April 4, 2026

The next major breach hitting your clients probably won’t come from inside their walls. It’ll come through a vendor they trust, a SaaS…

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Cybersecurity April 4, 2026

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild.…

Browsing: Cybersecurity

The State of Trusted Open Source Report

Click, wait, repeat: Digital trust erodes one login at a time

Axios npm hack used fake Teams error fix to hijack maintainer account

T-Mobile Sets the Record Straight on Latest Data Breach Filing

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Microsoft releases open-source toolkit to govern autonomous AI agents

Device code phishing attacks surge 37x as new kits spread online

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Massive Motorola Razr 2026 leak leaves nothing to the imagination

New Lotus data wiper used against Venezuelan energy, utility firms

The hidden ‘bland tax’ that could erase your brand from AI search

The Best Last-Minute Deals From Home Depot’s ‘Spring Black Friday’ Sale

Our Picks

Massive Motorola Razr 2026 leak leaves nothing to the imagination

New Lotus data wiper used against Venezuelan energy, utility firms

The hidden ‘bland tax’ that could erase your brand from AI search