This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Does vibe coding risk destroying the Open Source ecosystem? According to a pre-print paper by a number of high-profile ...

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

A step-by-step guide to installing the tools, creating an application, and getting up to speed with Angular components, ...

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

Malicious sleeper browser extensions are spying on users across Firefox, Chrome, and Edge. Here’s how they work and how to ...

VoidZero has unveiled Oxfmt, a cutting-edge Rust-based code formatter that offers over 30x faster performance than Prettier ...

Your inbox may be a disaster, but five minutes of filtering will make you feel like a functional human again. Jason Chun is a CNET writer covering a range of topics in tech, home, wellness, finance ...

Thin clients are cheap, quiet Linux endpoints, but most people deploy them wrong. Here’s how to use them the right way.