Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The latest analysis from the threat intelligence team at ...

An attacker compromised the npm account of a lead Axios maintainer on March 30 and used it to publish two malicious versions of the widely used JavaScript HTTP client library, according to ...

Chainalysis noted that on April 18, 2026, cybercriminals believed to be tied to North Korea’s Lazarus Group executed one of the largest DeFi heists of the year, siphoning approximately $292 million ...

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. KICS, short for Keeping ...

One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as much as $12 million in three months. On Wednesday, cybersecurity firm Expel ...

Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from ...

In a host of books and articles as a political scientist, he attacked received ideas on the battle of the sexes, the usefulness of high school math and other subjects. By Robert D. McFadden Andrew ...

When security researchers at Mozilla, the maker of the popular web browser Firefox, pointed a powerful new artificial intelligence model at their code, they had a feeling of “vertigo.” Bobby Holley, ...