Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.

The security platform Socket has recently discovered an enormous worldwide malware operation that has been dubbed "TrapDoor".

Active Microsoft Exchange zero-day leaves organisations exposed By Nicola Mawson, Contributing journalistJohannesburg, 19 May 2026An exploit in on-premises Microsoft Exchange servers has already been ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Solidity remains the dominant smart contract language for Ethereum and EVM-compatible chains, with the 2025 developer survey collecting responses from developers across eighty-seven different ...

The Echo Protocol hack revealed DeFi’s growing operational security crisis after attackers minted $76.7M fake eBTC using a stolen admin key.

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

GitHub says a poisoned VS Code extension exposed 3,800 internal repos as Binance founder CZ tells crypto devs to rotate keys.

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

For protocol founders and security researchers, the incident reinforced a broader shift underway across crypto: DeFi is no longer primarily battling coding bugs. It’s battling complexity.