GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

New “Darksword” iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

The 3-pointer changed college basketball. And attempts keep ticking up heading into March Madness

College basketball teams are continuing to lean more and more on the 3-point shot. That comes in the 40th season since the ...

UConn teammates Sarah Strong and Azzi Fudd headline AP All-America first team

Sarah Strong and Azzi Fudd helped UConn to an undefeated season heading into March Madness. The pair became the first teammates in six years to make The Associated Press All-America team. It's the ...

My most useful Chrome extension was stealing my data for years

An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google only removed it this week.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.