A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses GitHub as command and control (C2) infrastructure. The campaign relies on scripting, encoded payloads and legitimate Windows tools to… Read More "GitHub Used as Covert Channel in Multi-Stage Malware Campaign"
Into the second month of the US-Iran war, the conflict in the Gulf continues to escalate—airstrikes widening, oil markets reacting, and pressure mounting around the Strait of Hormuz. But beyond the immediate security and economic concerns, another question is quietly… Read More "Here’s What Can Happen When the US Bombs Iran’s Nuclear Sites"
Anthropic’s Claude Code is in the news again – and not for the best reasons. Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI. Claude… Read More "Critical Vulnerability in Claude Code Emerges Days After Source Leak"
Ravie LakshmananApr 02, 2026Network Security / Vulnerability Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the… Read More "Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise"
Deepfakes are blurring the line between real and fake and fraudsters are cashing in, using synthetic media for all manner of scams 29 Oct 2025 Can you tell what’s real online? It’s become increasingly difficult as advances in AI and… Read More "Cybersecurity Awareness Month 2025: When seeing isn’t believing"
Security researchers at Varonis have uncovered a new information stealer malware (infostealer) strain that harvests browser credentials, session cookies and crypto wallets before quietly sending everything to the attacker’s server for decryption. Called Storm, the infostealer emerged on underground cybercrime… Read More "New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials"
Apple is rolling out iOS and iPadOS updates for older devices to protect them against the recently disclosed DarkSword exploit kit. A few weeks after the Coruna exploit kit came to light, iVerify, Google, and Lookout warned of another dangerous… Read More "Apple Rolls Out DarkSword Exploit Protection to More Devices"
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed… Read More "The State of Trusted Open Source Report"
Families that combine open communication with effective behavioral and technical safeguards can cut the risk dramatically 30 Oct 2025 • , 6 min. read When we talk about fraud that can inflict a severe financial and emotional toll on the… Read More "How to help older family members avoid scams"
The UK’s National Cyber Security Centre (NCSC) has warned about an increase in targeted attacks against individuals using messaging apps including WhatsApp, Facebook Messenger and Signal. The alert, issued on March 31, warned that the NCSC and its international partners… Read More "NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal"
