supply

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

AndyC 24 February 2026

Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster...

Read More

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

AndyC 21 February 2026

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily...

Read More

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

AndyC 7 February 2026

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index...

Read More

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

AndyC 2 February 2026

Ravie LakshmananFeb 02, 2026Developer Tools / Malware Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open...

Read More

EDR killers explained: Beyond the drivers

EDR killers explained: Beyond the drivers

AndyC 20 March 2026

In recent years, EDR killers have become one of the most commonly seen tools in modern ransomware intrusions: an attacker acquires high privileges, deploys such...

Read More

Face value: What it takes to fool facial recognition

Face value: What it takes to fool facial recognition

AndyC 14 March 2026

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026...

Read More

Cyber fallout from the Iran war: What to have on your radar

Cyber fallout from the Iran war: What to have on your radar

AndyC 13 March 2026

The war in Iran was less than 24 hours old when it produced a historic first: the deliberate targeting of commercial data centers. On March...

Read More

Sednit reloaded: Back in the trenches

Sednit reloaded: Back in the trenches

AndyC 11 March 2026

Since April 2024, Sednit’s advanced development team has reemerged with a modern toolkit centered on two paired implants, BeardShell and Covenant, each using a different...

Read More

What cybersecurity actually does for your business

What cybersecurity actually does for your business

AndyC 7 March 2026

Business Security The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed...

Read More

How SMBs use threat research and MDR to build a defensive edge

How SMBs use threat research and MDR to build a defensive edge

AndyC 6 March 2026

Corporate IT and security teams have the unenviable task of keeping relentless and increasingly sophisticated adversaries at bay. They’re often faced with limited resources and...

Read More

EDR killers explained: Beyond the drivers

EDR killers explained: Beyond the drivers

AndyC 20 March 2026

Key Aspects of EASA Certification and Compliance

Key Aspects of EASA Certification and Compliance

AndyC 20 March 2026

Key Aspects of EASA Certification and Compliance

Announcing langchain-textual: PII redaction and synthesis for LangChain on Tonic Textual

AndyC 20 March 2026

Magazine Insights

Automated Threat Detection for Quantum-Enabled Adversarial Attacks on AI Context

AndyC 20 March 2026

Magazine Insights

Automated Threat Detection for Quantum-Enabled Adversarial Attacks on AI Context

AndyC 20 March 2026