Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

Uncover the power of Open Source Intelligence. Learn how to collect and analyse publicly available information effectively.

A single poisoned Python package has produced the most consequential AI supply chain breach of 2026. On March 31, Mercor, a $10 billion AI training startup that recruits, vets, and pays the human ...

A suspicious username, often similar to a real username (like “contact12” for a scammer impersonating a company’s customer ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

AI is generating code faster than humans can ever hope to verify. If your QA strategy hasn't evolved to match the speed of AI ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

A laptop screens shows email as a person reaches out to start typing a message. Knowing how to use an AI agent to sort emails can help you reduce time and fix inefficiencies in your inbox. You open ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

A fast-spreading cyberattack kit called “Kali365” allows low-skill scammers to hijack a user’s account without ever stealing their password.