There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Crypto users are facing a new security threat via fake Cloudflare CAPTCHA pages. The attack installs an infostealer built to siphon crypto wallet data.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. Of course, the international ...

Signage at the Stryker Corp. headquarters in Portage, Michigan, U.S., on March 12, 2026. Reporter A hacking group connected to Iran has claimed responsibility for a cyberattack on a U.S. medical ...