CSO Online

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Morning Overview on MSN

Malicious open-source packages surge 73% in 2026 as threat actors weaponize the software supply chain

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...
Krebs on Security

Using Google Search to Find Software Can Be Risky

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. The malicious ...
SiliconANGLE

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

A new report out today from Fortinet Inc.’s FortiGuard Labs highlights a growing wave of malicious software packages exploiting system vulnerabilities. Based on data collected since November 2024, the ...
Bleeping Computer

The Biggest Takeaways from Recent Malware Attacks

Among the never-ending list of malicious software that threat actors use in cyber attacks are viruses, worms, trojans, ransomware, spyware, and adware. Today's malware is not just about causing ...
Dark Reading

Threat Spotlight: Proportion of Malicious HTML Attachments Doubles Within a Year

The security industry has been highlighting the cybercriminal misuse of HTML for years — and evidence suggests it remains a successful and popular attack tool. Last year we reported that around one-in ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...