iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.

Yuba sheriff's detectives arrest third suspect in deadly Olivehurst shooting

The 30-year-old Olivehurst man struck by gunfire last weekend died later at a hospital.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise.
Morning Overview on MSN

Security credentials exposed on thousands of websites, report finds

Researchers from three universities have found that nearly 10,000 webpages are publicly exposing API credentials, leaving sensitive services wide open to potential abuse. The team scanned 10 million ...