Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Researchers from OpenAI, Anthropic, and Google DeepMind found that adaptive attacks bypassed 12 AI defenses that claimed near-zero risk.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...

A comprehensive SAML development guide for engineering leaders. Learn about assertions, metadata, and securing single sign-on for enterprise CIAM.

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped ...

Two VSCode extensions are harvesting sensitive data and sending it to China.

Here's what to look out for ...

Some attachments in Epstein emails can be recovered unredacted, because base64-encoded email attachment data was included in the DOJ releases.