A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
Dragos attributes a December 2025 Polish grid attack to ELECTRUM, disrupting ~30 DER sites without outages but damaging OT.
A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...
China-linked Mustang Panda used updated COOLCLIENT malware in 2025 espionage to steal data from government and telecom ...
Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by ...
Near-identical password reuse bypasses security policies, enabling attackers to exploit predictable patterns using breached ...
Agentic AI reshapes SOC workflows by investigating 100% of alerts, reducing noise, accelerating hunting, and delivering over ...
Meta is rolling out Strict Account Settings on WhatsApp and using Rust-based media code to protect journalists and high-risk ...
A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results