Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...

Discord’s reversal followed a widespread user backlash, which also intensified scrutiny of the platform’s age-check partners. Suddenly, these often-overlooked players in the “age-assurance” ecosystem ...

Team Canada's Kerri Einarson has lost her first game at the world women's curling championship in Calgary. It took an extra end, but Switzerland's Xenia Schwaller's squad defeated Einarson, 6-5, on ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear, a group tracked by Microsoft as Void Blizzard.

Storing payment details in your browser or online shops is convenient but poses a high security risk. Read on to find out what you should do instead.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions Your email has been sent A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes ...