Security researchers have warned that the open source ecosystem has become a “structural risk,” after revealing another surge in malicious packages last year. Sonatype said in its 2026 State of the Software Supply Chain report that developers downloaded components 9.8… Read More "Researchers Uncover 454,000+ Malicious Open Source Packages"
ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image formats. The flaw, found and documented by Zscaler ThreatLabz, piqued… Read More "A critical flaw in Windows Imaging Component"
AI adoption is accelerating faster than enterprise oversight, creating a rapidly widening attack surface across all sectors, said Zscaler in its ThreatLabz 2026 AI Security Report. The annual report, published on January 27, 2026, analyzed 989.3 billion AI and machine… Read More "AI Security Threats Loom as Enterprise Usage Jumps 91%"
In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools 28 Feb 2026 With the second month of 2026 (almost) behind us, it’s time for ESET Chief Security… Read More "This month in security with Tony Anscombe – February 2026 edition"
An ongoing trojan malware campaign designed to take control of systems and steal sensitive information is being generated with the aid of AI, researchers have said. PureRAT is a full-featured remote access trojan (RAT) and infostealer which first emerged last… Read More "Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign"
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow. 23 Dec 2025 • , 5 min. read Global e-commerce sales are predicted to… Read More "What are brushing scams and how do I stay safe?"
Two serious security flaws affecting the n8n workflow automation platform have exposed weaknesses in the product’s sandboxing mechanisms for JavaScript and Python code. The vulnerabilities, disclosed by the JFrog Security Research team, could allow authenticated attackers to run arbitrary commands… Read More "Critical and High Severity n8n Sandbox Flaws Allow RCE"
Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts 08 Jan 2026 • , 4 min. read Reusing the same password across multiple accounts may be convenient, but it sets… Read More "What it is and how to protect yourself"
A coordinated security update released earlier this month fixed 12 previously unknown vulnerabilities in OpenSSL, the open-source cryptographic library that underpins a large share of the world’s secure communications. The issues were uncovered by AISLE and disclosed through a coordinated… Read More "Autonomous System Uncovers Long-Standing OpenSSL Flaws"
Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem the tide. 27 Jan 2026 • , 5 min. read For all our modern obsession with social… Read More "Drowning in spam or scam emails lately? Here’s why"
