On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

iOS 26.5 is now available to everyone after six weeks of beta testing. The update adds fresh wallpapers, new features to Apple Maps, and more. Perhaps most notably, iOS 26.5 adds support for ...

Apple’s newly released iOS 26.5 update supports end-to-end encryption for RCS messaging between iPhones and Android devices. However, the feature requires the cooperation of wireless carriers.

Instagram will remove end-to-end encryption for direct messages between users from May 8, 2026. When the date comes around, Meta will potentially be able to see the contents of all messages between ...

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...