The mechanics behind the headlines
A poisoned VS Code extension on a single developer device gave TeamPCP access to 3,800 of GitHub's internal repositories. Grafana fell the same week via a different vector in the same campaign.
CrowdStrike, Google, and the Shadowserver Foundation simultaneously severed all four C2 channels of the GlassWorm botnet on May 26 — ending a persistent campaign that infiltrated npm, PyPI, VS Code extensions, and GitHub repositories since early 2025.
MFA secures your login. It does not secure your session. Here is exactly how attackers exploit that gap — and what it takes to close it.
82% of phishing emails now use AI. They have perfect grammar, know your name, and reference real details about your life. The old advice — look for typos — no longer works. Here's what does.
The biggest threat to your accounts right now isn't a massive new hack. It's infostealer malware — silent software that harvests your passwords in seconds and sells them for $10 on the dark web.