A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 “sleeper” extensions that turn malicious after an update. […]
GlassWorm malware attacks return via 73 OpenVSX “sleeper” extensions Read More »
Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send phishing texts to nearby phones. […]
Canada arrests three for operating “SMS blaster” device in Toronto Read More »
A Chinese national accused of carrying out cyberespionage operations for China’s intelligence services has been extradited from Italy to the United States to face criminal charges. […]
Alleged Silk Typhoon hacker extradited to US for cyberespionage Read More »
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025. […]
FTC: Americans lost over $2.1 billion to social media scams in 2025 Read More »
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That’s according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks Read More »
Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware Read More »
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. […]
PyPI package with 1.1M monthly downloads hacked to push infostealer Read More »
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have I Been Pwned. […]
Home security giant ADT data breach affects 5.5 million people Read More »
On Thursday, April 30 at 2:00 PM ET, BleepingComputer will host a live webinar with threat intelligence company Flare and threat intelligence researcher Tammy Harper, exploring how security teams can identify early warning signs of attacks before they escalate into incidents. […]
Webinar: Spotting cyberattacks before they begin Read More »
Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in “certain corporate IT systems.” […]
Medtronic confirms breach after hackers claim 9 million records theft Read More »