Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

May 31 update. This post, first published on May 30, was updated with more details of the prospective release schedule for iOS 27 and details of how the new Siri will be crucial to the success of the ...

GCL Global Holdings Ltd (Nasdaq: GCL) (“GCL” or the “Company”), a leading provider of games and entertainment, today announced that its publishing subsidiary, ...

OE™ Studio, the first Agentix-Native Workstation, powered by mimik’s mimOE, Agentix Operating Engine. Together they enable ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

From quick keyboard shortcuts to AI-powered OCR and GIF creation, Windows 11 includes far more screenshot tools than most people realize.