Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

The US cybersecurity agency CISA has flagged a critical code injection flaw in Langflow, the open-source visual framework ...

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...

Discover 7 enterprise infrastructure tools that reduce engineering workload, speed deployment, and eliminate months of manual ...

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

With the arrival of the Base44 vibe-coding platform, natural language could be the new language of software development.

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Abstract: The rise of quantum computing poses significant challenges to security systems, with traditional message authentication codes (MACs) at unprecedented risk of compromise. This paper proposes ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...