A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Lazarus Group is targeting fintech and crypto executives using macOS through a new malware kit delivered via social ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

The April 2026 Vercel security incident continues to extend past initial claims. The incident, which was said to involve what ...

For years, the cybersecurity industry has spoken about AI attacks in the future tense. We imagined sentient super-hackers dismantling firewalls with alien logic. The reality, as we are discovering in ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

Small businesses are becoming more susceptible to cyber threats, including phishing, ransomware, and data breaches ...

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...