A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...

OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of ...

Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an ...

ITRC president, James Lee, argued that the inflationary impact of breaches acts as a “hidden cyber tax” on consumers. He ...

Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction ...

CVE-2025-62221 is an elevation of privilege (EoP) bug in the Windows Cloud Files Mini Filter Driver, which enables a ...

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware ...

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean ...

Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems ...

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s ...

The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection ...