A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

TanStack tightens security measures after supply chain attacks. Pull requests may soon only be possible by invitation.

A security flaw in “Claude in Chrome” enables any Chrome extension, including those without permissions, to execute ...

Jurors spent nearly a month hearing and viewing evidence in the high-profile trial, where Musk had accused Altman of ...

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Company expects Ontario Securities Commission to issue a failure to file cease trade order that would prohibit trading in its securities in Canada ...

Once a Bay Street darling, Toronto fintech startup entered receivership in April, owes its lenders roughly $2.5-million ...

Claude without MCP is only half the story.

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages ...

A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...