GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

CanAm Enterprises Releases 2025 PKF-Attested EB-5 Track Record, Reporting $2.5 Billion Repaid and 5,797 I-526 Approvals

Independent attestation by PKF O'Connor Davies, LLP marks the company's seventh consecutive year of third-party ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

Cracking the Algorithm: ‘Prompt to Power’ Kit Helps YouTubers Script Viral Hooks and Descriptions Faster

Scale your YouTube channel with "Prompt to Power." This AI toolkit helps creators script hooks, optimize descriptions, ...
9to5Google

Your favorite image-saving Chrome extension was scraping your data for cash

Seemingly out of nowhere, the “Save image as Type” Chrome extension was marked for removal, with Google warning users ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Check Your iPhone Settings Now: Apple Releases First-Ever ‘Background’ Security Patch

This is the first Background Security Improvement from Apple. Here's how to make sure your iPhone installs it right away.

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their ...
The Caledonian-Record

H2O.ai H2OVL Mississippi models Shatter Milestone with Over One Million downloads monthly - Launching Momentum into GTC 2026

H2O.ai, a pioneer in sovereign AI and the world’s leading agentic, highly accurate predictive AI company, today announced its ...
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.