A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
RADSAS is a full-stack cybersecurity platform that simulates ransomware attack behaviour in a safe, sandboxed environment. It provides real-time monitoring, risk assessment, forensic logging, and ...
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at [email protected].