Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

This technique can be used out-of-the-box, requiring no model training or special packaging. It is code-execution free, which ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Before smartphones, spreadsheets, or even written alphabets as we know them, the Inca appear to have managed information in a ...

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

Bura, A.H. and Mung’onya, E.M. (2026) A Novel ICT-Enabled Decision Support Approach for Surveillance and Control of ...