Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

From SpaceX’s record IPO plans to AI product launches, cyberthreats, layoffs, and legal fights, this week showed AI’s growing grip on tech.

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background ...

Linus Akesson's A Mind is Born, a chiptune and graphic demo generated by just 256 bytes of code, is famous for its incredible ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

Active Microsoft Exchange zero-day leaves organisations exposed By Nicola Mawson, Contributing journalistJohannesburg, 19 May 2026An exploit in on-premises Microsoft Exchange servers has already been ...