GlassWorm Malware Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections.
Cyber Security
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into…
8-Minute Access: AI Accelerates Breach of AWS Environment
The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.
Dark Patterns Undermine Security One Click at a Time
People trust organizations to do the right thing, but websites’ and apps’ dark patterns pose a hidden threat that can…
Why Security is the Only Metric That Matters for Your VPS
In this post, I will talk about why security is the only metric that matters for your VPS. Data is…
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor…
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm…
When Cloud Outages Ripple Across the Internet
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare…
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security…
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
Introduction On February 2, 2026, the developers of Notepad++, a text editor popular among developers, published a statement claiming that…