A fresh wave of ransomware activity is being fueled by an uncomfortable mix of software supply-chain risk, rapidly weaponized zero-day ...

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

PSA: Notepad++ users who haven't yet updated to version 8.8.9 or later should manually download the latest installer as soon as possible. Following reports of malicious activity, a December 2025 ...

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of ...

This is not a drill! The makers of the popular text editor Notepad++ are warning that the Notepad++ updater, which goes by the name WinGUp, links to malware servers. This is a case of traffic ...

JavaScript is a sprawling and ever-changing behemoth, and may be the single-most connective piece of web technology. From AI to functional programming, from the client to the server, here are nine ...

A lightning-fast crash course on JavaScript, the world’s most popular programming language. From its 1995 origins as Mocha in Netscape to powering front-end apps, Node.js servers, mobile apps, and ...