A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Google fixed Rogue Agent, a Dialogflow CX Code Blocks flaw that could let one writable agent affect every chatbot in a Cloud ...
SCMBANKER watches banking windows, captures screenshots, hijacks CLABE and card numbers, and can deploy Remote Utilities for ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Suspected Chinese spies have been breaking into major US and Canadian universities since May, exploiting vulns in Roundcube mailservers to steal data belonging to physics and engineering ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Google released a Chrome update addressing 382 security bugs, including sandbox-escape risks. Users and IT teams should ...
Manufacturing Sector Faces Elevated Ransomware and APT Risks** Ransomware remains one of the most persistent cyber threats in 2026, with activity settling into a new elevated baseline rather than ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Unsurprisingly to many of us, app stores for smart televisions are also trash. Perhaps even more full of trash than other app stores due to the smaller ecosystem and fewer reviewers. Spur analyzed ...