Solidity remains the dominant smart contract language for Ethereum and EVM-compatible chains, with the 2025 developer survey collecting responses from developers across eighty-seven different ...

ShinyHunters, an international black-hat hacker group — meaning it targets institutions for profit, personal motive or to ...

European law enforcement say they hacked into a VPN (virtual private network) service used for ransomware attacks and other ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

Composer 2.5 is Cursor's third-generation proprietary coding agent, available exclusively inside the Cursor IDE and through the @cursor/sdk — not as a general API. Like its predecessor, it is built on ...

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

For protocol founders and security researchers, the incident reinforced a broader shift underway across crypto: DeFi is no longer primarily battling coding bugs. It’s battling complexity.

Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...

Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.