Bleeping Computer

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...

North Korean hackers pose as police in spear phishing attacks

N. Korean hacking group linked to the country's military intelligence agency has posed as defense officials in spear phishing ...
PCMag

OpenAI Tells Mac Users to Update Apps After Software Supply Chain Attack

OpenAI was hit by a supply chain attack involving hackers publishing a malicious version of Tanstack software used for web ...
Dark Reading

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...
Dark Reading

China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm

The cyberthreat group targets an Azerbaijani oil-and-gas firm with repeated attack, as the China-linked actors extend ...

Google Detects First AI-Developed Zero-Day Exploit Used by Threat Actors

While previous assessments categorized AI-assisted cyberattacks as experimental, current data suggests generative AI is now a mature, industrialized component of offensive operations.
Reuters

Virginia jury convicts Afghan man linked to 2021 Kabul airport attack

April 29 (Reuters) - A federal jury in Virginia on Wednesday convicted an Afghan man of conspiring to provide material support to a terrorist organization in connection with the 2021 suicide ‌bombing ...
The Conversation

Latest attack threatening President Trump reflects rising political violence in US

For the third time in three years, Donald Trump has come under threat by an attacker. Many facts remain unclear after a gunman stormed the Washington Hilton on April 25, 2026, during the White House ...
Reuters

Mali army bases hit in large-scale attacks claimed by al Qaeda-linked militants

Explosions, gunfire near main army base outside Bamako Attacks reported in multiple northern cities Mali's military leaders took power after coups in 2020, 2021 Army says it killed 'several hundred' ...
Infosecurity-magazine.com

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious instructions designed to achieve financial fraud, data destruction, API key ...
The Washington Post

Chaos, a blast, then bloodshed: U.S. Marine recounts deadly Kabul airport attack

In the moments she last saw her friend alive, Marine Cpl. Kelsee Lainhart was helping an Afghan woman and her two toddler sons leave the Kabul airport. It was Aug. 26, 2021, and thousands of desperate ...
CPO Magazine

Top 11 Best Breach and Attack Simulation Tools & Adversary Emulation Software

Your security stack may list firewalls, EDR, SIEM and a new XDR console, but attackers don’t read policy. They probe until they uncover a weak spot. Breach and attack simulation (BAS) lets you ...