Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...