DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

Reclaiming my time, one prompt at a time ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

If you're paying for software features you're not even using, consider scripting them.

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...