Infostealer campaign compromises 10 npm packages, targets devs
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers'…
Trump says Waltz doesn’t need to apologize over Signal text chain leak: ‘Doing his best’
President Donald Trump defended National Security Advisor Michael Waltz in the wake of the Signal text chain leak, saying that…
New Windows zero-day leaks NTLM hashes, gets unofficial patch
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by…
Unpacking Disinformation in the 2024 US Presidential Election
The 2016 U.S. presidential election is often cited as a watershed moment for digital disinformation campaigns – revealing the vulnerability…
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. [...]
One standard for them, another for us — this is ‘forgiveness asymmetry’
Left-wing terrorism is back. Tesla dealerships and charging stations are the targets of a firebombing campaign, quietly supported by opponents…
Sen Bernie Sanders names 2 things Trump has done right
Sen. Bernie Sanders, I-Vt., told ABC's Jonathan Karl that President Donald Trump is doing two things right during his first…
Trump envoy doesn’t believe Putin wants to take over Europe
Trump envoy Steve Witkoff says he doesn't think Russian President Vladimir Putin has ambitions to invade Europe.
Fake Semrush ads used to steal SEO professionals’ Google accounts
A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that aim to steal their Google account credentials. [...]
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined…