Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more.

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

This week saw attacks on Claude Code users, LastPass users, Starlink users, and, perhaps worst of all, people who needed an ambulance. Add a dash of AI hacking, and you have another wild week in ...

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Add Decrypt as your preferred source to see more of our stories on Google. The Bonk.fun team is urging users not to visit the site after hackers compromised a team account and pushed a wallet-draining ...

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Signal says its systems are secure but it is taking reports of targeted attempts to hack some officials "very seriously".

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Arion Kurtaj, the 23 year old who hacked GTA 6 as a teenager, claims to be surprised that the game's source code has not leaked to the public.