Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage ...

A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk.

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

Tristan Roberts, from Prestatyn, Denbighshire, waited until he was 18 to buy the weapons he would use to murder his mother, ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the ...

A report has confirmed that a highly sophisticated, full-chain exploit kit internally known as DarkSword has been publicly ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security firms say. Named CanisterWorm ...

Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve.

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.