Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' ...

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...

Microsoft extended Windows 10 security updates for personal devices through Oct. 12, 2027, giving users more time to upgrade.

The ShinyHunters hacking gang claims to have compromised the Oracle PeopleSoft servers of more than 100 organizations, including many universities.

Systems worldwide require immediate updates as critical remote code execution bugs and active browser exploits are finally ...

Cybercriminals, particularly the group ShinyHunters, have intensified their attacks, recently breaching over 100 firms' Oracle PeopleSoft servers.

Researchers at Push Security have identified a new campaign by threat actors that delivers infostealer malware through legitimate domains, tagged "LLMShare." Basically, "LLMShare" works by abusing the ...

CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR to ...

ShinyHunters published 297 GB of payroll, medical, and bank records for more than 10,000 employees after the June 16 ransom ...

Google will use IP addresses for ad measurement and personalization in Europe and the UK from August 2026, raising privacy ...

A vendor serving the Texas Parks and Wildlife Department exposed driver’s license numbers, passport numbers, and contact ...

Researchers from Zscaler found a new malware campaign dubbed Edgecution.