Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

Uncover the power of Open Source Intelligence. Learn how to collect and analyse publicly available information effectively.

Spread the love“`html Spam emails have become an all-too-familiar nuisance in our daily lives. If you’re like many people, your inbox is flooded with unwanted advertisements, phishing attempts, and ...

A single poisoned Python package has produced the most consequential AI supply chain breach of 2026. On March 31, Mercor, a $10 billion AI training startup that recruits, vets, and pays the human ...

A suspicious username, often similar to a real username (like “contact12” for a scammer impersonating a company’s customer ...

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

A laptop screens shows email as a person reaches out to start typing a message. Knowing how to use an AI agent to sort emails can help you reduce time and fix inefficiencies in your inbox. You open ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

The Federal Bureau of Investigations issued a public service announcement Monday to warn of a phishing scam that targets ...