Experts warn the campaign could outpace past global cyberattacks, with hundreds of thousands of credentials already ...

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it to a Vietnamese-speaking developer whose Telegram handle "Lone None" was ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

LangChain and LangGraph, two popular open source frameworks for building AI apps, contained high-severity and critical ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

The US cybersecurity agency CISA has flagged a critical code injection flaw in Langflow, the open-source visual framework ...

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...