A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...

India’s telecom regulator wants to use AI spam flags as enforcement triggers against senders for the first time, moving beyond subscriber alerts to actual action. Under the draft, the complaint ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Victims are coaxed into a Quick Assist session that drops a digitally signed Microsoft Installer (MSI). This slips in a third-party-signed dynamic link library (DLL) to trigger sideloading and deploy ...

Cybercriminal activity continues to move away from direct software exploitation toward manipulating everyday user behavior within corporate environments, experts have warned. New research by Huntress ...

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...