Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

CBSE clarified that the portal used for evaluation answer sheets has a different URL than the one visible on the teenager's ...

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

We are looking for contributors. Please check open issues in the above repos if you think you could help, or open a new one if you have an idea you'd like to discuss. jsDelivr is a free CDN for ...

A retailer with four South Florida locations filed for Chapter 11 with roughly $429 million in debts as it works to ...

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

SFBJ's Crane Watch expanded to Fort Lauderdale, West Palm Beach West Marine files Chapter 11 with $429M debt load West Marine ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. The ...