Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

Claude subscription billing changes June 15 as Anthropic moves Agent SDK and claude -p to a separate per-user credit of $20 ...

Build 2026 runs from June 2-3 in San Francisco. Here's what Microsoft is expected to announce for GitHub Copilot, Azure AI ...