The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

CoinDesk Research maps five crypto privacy approaches and examines which models hold up as AI improves. Full coverage of ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

Supply chain attacks feel like they're becoming more and more common.

The takeaway: A concept that once sounded like science fiction is now being recognized as essential to the survival of the digital world. This week, the Association for Computing Machinery awarded the ...

* This must be the first API call before using the context. * \param ctx The context to initialize. static inline void mbedtls_block_cipher_init(mbedtls_block_cipher ...

Instagram Users Urged to Save Encrypted DMs Before Feature Disappears Your email has been sent Instagram users who opted for extra privacy in their DMs may want to start saving those conversations.

Meta is pulling its end-to-end encryption option on Instagram DMs. The company announced the change in an update to its support page and via alerts to users in the app, writing: End-to-end encrypted ...

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.