• Attackers Move Past Typosquatting to Realistic Package Impersonation
• Cybercriminals sail away with data from 6 million Carnival customers
• Microsoft’s Copilot trust test: Zero findings, more models, wider oversight
• Zapier exploit chain shows how known anti-patterns compose into critical risk
• OpenAI prepares ChatGPT for the election misinformation wave
• Microsoft Condemns "Uncoordinated" Zero Day Disclosures
• New Threat Actor Jinx-0164 Targets Crypto Developers on macOS
• Infosecurity Europe: Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals
• Microsoft’s new cloud PCs place AI agents under enterprise controls
• A single typo could derail your World Cup plans
• GCHQ Chief Urges Action as AI Reshapes Cyber Threats
• CrowdStrike, Google Take Down Glassworm Botnet
• Infosecurity Europe: Why Burnout in Cybersecurity Demands Risk-Based Response
• Thousands of Fake FIFA Domains Target World Cup Fans
• 68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise
• PureLogs Variant Steals Data via Purchase Order Lures
• Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception
• BTMOB Android RAT Spreads Through No-Code Builder Tooling
• India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws
• Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
• FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

Most malicious open source packages now mimic real code rather than rely on typosquatting