Three popular plugins served malicious JavaScript through a compromised CDN.

Researchers at Comparitech want to understand the systems working behind spam emails that promise some sort of reward, ...

Thirty minutes of setup, zero dollars spent, and I'll never lose a link again.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...

An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

The United States is requiring access to health data as part of lifesaving aid deals with African countries. The U.S. says the data will be aggregated and anonymized, but privacy experts fear the ...

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Threat actors are exploiting vulnerabilities in Joomla and the LiteSpeed cPanel plugin for code execution and privilege ...

Attackers have hijacked the code behind several popular WordPress plugins to plant hidden backdoors and rogue administrator ...

The Prime Minister of the UK Government, Sir Keir Starmer, has today confirmed that they will introduce an internet Social ...