Anthropic says its Claude Mythos model discovered thousands of severe vulnerabilities across more than 1,000 OSS projects.

DocketWise says the personal, financial, and medical information of 143,000 people was accessed in an October 2025 data breach.

Threat actors stole files containing names and protected health information from the healthcare organization’s systems.

Hackers rewrote all Git tags across four Laravel-Lang packages, poisoning over 700 historical versions with backdoors.

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide ...

Verizon’s 2026 DBIR shows vulnerability exploitation was the top breach vector in 2025 as AI accelerated attacks, ransomware ...

TrendA has informed customers that it has patched CVE-2026-34926, another Apex One vulnerability that has been exploited in ...

The B1ack’s Stash dark web carding marketplace has released 4.6 million stolen credit card records as a free download.

Microsoft is working to patch CVE-2026-42897, an Exchange Server zero-day vulnerability that has been exploited in attacks.

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...