A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. [...] Continue reading at the publisher's website.

Fake Bitwarden sites are pushing installers purportedly for the open-source password manager that carry a new password-stealing malware that security researchers call ZenRAT. [...] Continue reading at the publisher's website.

Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company's and its subsidiaries' operations. [...] Continue reading at the publisher's website.

A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations. [...] Continue reading at the publisher's website.

Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages. [...] Continue reading at the publisher's website.

Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers. [...] Continue reading at the publisher's website.

After almost three years, Microsoft has finally added the 'Never combine taskbar button' back to Windows, and it still doesn't work correctly. [...] Continue reading at the publisher's website.

Microsoft has started rolling out the next major version of its operating system, Windows 11 23H2, to Insiders enrolled in the Release Preview Channel for enterprise testing before the general release later this year. [...] Continue reading at the publisher's website.