dYdX has been targeted by bad actors using malicious packages to empty its user wallets.

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Also known as the inmate code or prison code, it is the violent day-to-day reality for those involved in the prison system ...

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

Attackers are actively exploiting a critical vulnerability in React Native's Metro server to infiltrate development ...

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...

The threat situation in the software supply chain is intensifying. Securing it belongs at the top of the CISO’s agenda.

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

Regional APT Threat Situation In December 2025, the global threat hunting system of Fuying Lab detected a total of 24 APT attack activities. These activities were primarily concentrated in regions ...

Security issues continue to pervade the OpenClaw ecosystem, formerly known as ClawdBot then Moltbot, as multiple projects ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.