An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Learn prompt engineering with this practical cheat sheet that covers frameworks, techniques, and tips for producing more ...

A widely used Python package has been compromised in a supply chain attack. The package, elementary-data, has over one ...

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...