TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for... Read more »
The Public Accounts Committee says the UK government has dropped the ball on the use of data analytics to tackle tax fraud and error, as the public purse haemorrhages... Read more »
The bank has responded to the Treasury Committee’s request for information on a major data breach in its banking app Read more »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Aquasecurity Trivy... Read more »
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an... Read more »
AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email addresses of a few... Read more »
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was... Read more »
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has... Read more »
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves... Read more »
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public... Read more »
