Rapid AI-driven development makes security unattainable, warns Veracode
Veracode has posted its annual State of Software Security report, based on data from 1.6 million applications tested on its cloud platform, finding that more
Prolific cybercrime crew Scattered Lapsus$ Hunters (SLSH) is reportedly recruiting women in the hope of improving its social engineering success. According to Telegram channel posts
The Five Eyes intelligence alliance is urgently warning defenders to patch two Cisco Catalyst SD-WAN vulnerabilities used in attacks. First discovered by the Australian Signals
Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users’ machines and steal API keys by injecting malicious configurations into
A China-linked crew found a unique formula for attacking telcos and government orgs across the Americas, Asia, and Africa in its latest round of intrusions.
Next.js developers are once again in the crosshairs as hackers seed malicious repositories disguised as legitimate projects, according to Microsoft, which said a limited set
The former general manager of L3Harris’s cyber arm will spend the next seven years behind bars for selling trade secrets to Russia. Peter Williams, 39,
Wynn Resorts has confirmed that employee data was stolen from its servers, and is taking the hackers’ word that they’ve since deleted it. For anyone
A ChatGPT user with links to Chinese law enforcement tried to use the AI chatbot to run smear campaigns targeting the Japanese prime minister and
Researchers from Georgia Tech have found that the supply chain for threat intelligence data is susceptible to adversarial action, and proposed a method to improve
What good is finding a hole if you can’t fix it? Anthropic last week talked up Claude Code’s improved ability to find software vulnerabilities and
If you run SolarWinds’ Serv-U, you should patch promptly. Four critical vulnerabilities in the file transfer software can allow attackers to execute code as root.
North Korea’s Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least
A Go library maintainer has urged developers to turn off GitHub’s Dependabot, arguing that false positives from the dependency-scanning tool “reduce security by causing alert
The UK’s data protection regulator has fined social media giant Reddit £14.47 million ($19.5 million) over its use of children’s data. The Information Commissioner’s Office
Mr. Stephen Quinn joined the National Institute of Standards and Technology (NIST) in 2004 and serves as a senior computer scientist in the Information Technology
Two South Korean teenagers were this week charged with breaching Seoul’s public bike service, Ttareungyi. Identified only as Persons A and B, the pair, now
The number of international workers applying for a visa to work in the UK’s tech sector dropped 11 percent between Q2 and Q3 2025, and