The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...
Infosecurity Magazine

Mini Shai-Hulud Hits TanStack npm Packages

A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...

Newly disclosed "Dirty Frag" vulnerability left Linux exposed for nearly a decade

Hyunwoo Kim, also known as "V4bel," recently disclosed "Dirty Frag," a dangerous security vulnerability that provides local ...
Hosted on MSN

Singapore issues urgent warning after Axios supply chain breach

What happened?: Attackers took over a maintainer account for Axios and published malicious versions to npm, potentially impacting millions of downloads. Why it matters: CSA Singapore warns supply ...
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which ...

Online archives of over 20 years of tech reporting | The Register

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...