GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

New “Darksword” iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

UConn teammates Sarah Strong and Azzi Fudd headline AP All-America first team

Sarah Strong and Azzi Fudd helped UConn to an undefeated season heading into March Madness. The pair became the first teammates in six years to make The Associated Press All-America team. It's the ...

Gerry McNamara says Syracuse rumors 'inevitable,' but focus is on Siena's challenge vs. No. 1 Duke

GREENVILLE, S.C. (AP) — Given his strong ties to Syracuse and his recent success in transforming Siena into an NCAA Tournament team in just two seasons as head coach, Gerry McNamara is an obvious ...

My most useful Chrome extension was stealing my data for years

An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google only removed it this week.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.