Two malicious versions of Axios, the most downloaded JavaScript HTTP client library, were briefly published to NPM and contained a cross-platform RAT. Google has attributed the attack to suspected North Korean threat actor UNC1069.
Hackers compromised a secondary API on the CPUID website for roughly six hours, redirecting download links for CPU-Z and HWMonitor to trojanized malware. The breach was discovered and remediated, but users who downloaded either tool during that window may be infected.
Juniper Networks has issued fixes for close to three dozen vulnerabilities across Junos OS and related products, including a critical 9.8-severity default password flaw that could hand attackers full control of affected devices.
New Qualys research analyzing over one billion CISA KEV remediation records from 10,000 organizations finds that 88% of tracked weaponized vulnerabilities were remediated slower than they were exploited, exposing a structural ceiling that staffing alone cannot fix.
Florida Attorney General James Uthmeier is probing OpenAI after the gunman behind a deadly Florida State University shooting allegedly communicated with ChatGPT in the days before the attack.
MITRE has released the Fight Fraud Framework (F3), a free, open knowledge base mapping the tactics, techniques, and procedures used by fraudsters across cyber channels to steal money, assets, and information.
Google has shipped Chrome 147 with fixes for 60 security vulnerabilities, including two critical heap and integer overflow bugs in the WebML component that together earned anonymous researchers $86,000.
Britain's Ministry of Defence says it tracked and exposed a covert Russian submarine mission near pipelines and cables north of the UK, forcing the vessels to abandon their operation and return home.
From a Windows SYSTEM-level zero-day released after a Microsoft dispute to Stryker confirming financial damage from a March 2026 cyberattack, this week's threat landscape was packed with significant developments.
Iranian state-backed hacking groups have been targeting Rockwell Automation Allen-Bradley PLCs since March 2026, with nearly 3,900 such devices in the US currently exposed online, according to federal agencies and cybersecurity firm Censys.