The app works by creating encrypted “vaults.” Anything you place inside a vault gets scrambled into unreadable data unless ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

One BIOS update stands between you and a drive you can no longer access ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...

After some Dashlane users were locked out of accounts and a limited number of encrypted password vaults were downloaded, the ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...