Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...
Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...
Sometime in late May 2026, a poisoned update slipped into the @antv family of JavaScript visualization libraries, the ...
Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.
India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...
Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...
OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...
The attack has raised significant concerns about the security of open-source software repositories, particularly those that house libraries and packages relied upon by millions of applications ...
This eliminates the need to remember different commands or continuously switch between package managers when collaborating in diverse teams or managing multiple projects. jpd provides a unified ...
Google finds iPhone exploit kit targeting crypto wallet seed phrases. Coruna toolkit attacks older iOS devices via fake crypto sites. Exploit linked to espionage and crypto theft campaigns. Security ...
The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. The ...
North Korean state-sponsored hackers have stepped up their cyberattacks, using the open-source NPM ecosystem to spread harmful packages. The “Contagious Interview” operation is behind these ...