On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Threat actors are exploiting CVE-2025-53521, a critical F5 BIG-IP vulnerability that has been reclassified as a remote code execution issue.

The Commission on Elections (Comelec) has dismissed the allegations made in the impending impeachment complaint against its officials as ...

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

The Commission on Elections (Comelec) dismissed the allegations of irregularities in election technology, data handling, and ...

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...

It hides inside developer tools, then monitors activity and steals data, turning a single infection into a wider risk across ...

CISA adds actively exploited F5 BIG-IP APM CVE-2025-53521 (CVSS 9.3) to KEV, ordering FCEB patch by March 30, 2026 to curb RCE risk.

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a ...

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.