Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.

Google is pushing everyone toward passkeys (https://google.com/account/about/passkeys), which use your fingerprint or face scan instead of a password. Passkeys can’t be phished, making them a much ...

Over 80% of security incidents stem from browser-based apps, with Scattered Spider exploiting sessions and APIs.

The popular Nx build system, boasting 4 million downloads each week, was exploited in the first supply chain breach to use AI ...

What, I wonder, is the collective noun for email addresses? A horror of, an estate, a town of email addresses? Well, ...

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS ...

G oogle search works great for general queries, but there are dozens of specialized alternatives that do things Google can't—or won't. These five tools search through archived websites, scan code ...

Selenium IDE: This is like a beginner’s friend. It’s a browser extension, often for Firefox, that lets you record your ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

AI coding tools boost productivity but also introduce hallucinations—false APIs, insecure settings, and fake dependencies—that can trigger compliance failures, cyberattacks, and reputational damage.