Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...

Cybersecurity firm Group-IB found the DeadLock ransomware is exploiting Polygon smart contracts to create a resilient ...

DeadLock, a ransomware group that first emerged in July 2025, has made news again, and this time it is for abusing Polygon ...

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...

The new system, rolled out in November, attaches a colour to every type of weather alert: warnings, advisories and watches.

Discover how crypto malware operates through cryptojacking and ransomware, with real-world examples such as WannaMine and PowerGhost ...

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, ...

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain compromises — exploiting CI systems, ...

The ransomware family’s abuse of Polygon smart contracts echoes techniques recently seen in Ethereum-based attacks.

A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub ...

Human nature loves to point the finger and assign blame. The problem seems to always lie ‘out there’ — in another person, ...

This week's stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old ...