On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

ThioJoe compares EXE and MSI files to reveal which Windows installer is best to use. Mamdani’s 'white supremacist' comment after terrorist attack draws MAGA backlash The grim choice facing the Trump ...

Update December 03, 08:39 EST: Microsoft has updated the support document to include Windows 11 25H2 to the list of affected OS versions. We have revised the title and story accordingly. Microsoft ...

If you have opened Task Manager and spotted lsass.exe running, you might wonder what it is and whether it is safe. The Local Security Authority Subsystem Service (lsass.exe) is a vital part of Windows ...