Archive
All articles, newest first. Page 21.
PromptMink Malware: First Malicious Commit Co-Authored by Anthropic's Claude Opus
The Famous Chollima campaign marks the first instance of a malicious commit co-authored by an AI model, affecting over 1,700 software…
Black Axe: Southern Europe Leader Arrested in Switzerland
Ten arrests in Switzerland target Black Axe, a Nigerian criminal network specializing in romance scams and money laundering. Explainin…
Vercel Breach: The Risks of Shadow AI OAuth Exposed
The Vercel breach highlights the danger of Shadow AI integrations: how a forgotten OAuth token opened corporate doors. Here is what yo…
CISA Shutdown: US Cyber Defense on Standby Due to Lack of Funds
CISA.gov is no longer actively managed due to a federal funding lapse. Meanwhile, the FIRESTARTER malware threat targets critical Cisc…
EU Commission: Meta Accused of Failing to Protect Children Under 13
EU Commission finds DSA violations as Instagram and Facebook fail to block children under 13. Meta faces potential fines of up to 6% o…
CISA KEV: Windows and ScreenConnect Added to List of Exploited Vulnerabilities
CISA adds CVE-2024-1708 and CVE-2026-32202 to the KEV catalog. Russian APT28 and Chinese Storm-1175 leverage these flaws for espionage…
Firefox 150: Mythos AI Finds 271 Zero-Days in Paradigm Shift
Claude Mythos AI discovered 271 zero-days in Firefox 150. Learn why this marks a paradigm shift in cybersecurity and what it means for…
Critical cPanel Vulnerability: Urgent Patch and Hosting Access Blocks
A critical cPanel authentication vulnerability forced providers to block access. Learn about the security risks and the importance of…
The Gentlemen Ransomware: Over 320 Victims and Botnet of 1,570+ Companies
The Gentlemen group becomes the second most active ransomware of 2026. Over 320 victims and a ready botnet: here is the model attracti…
Scattered Spider: 'Bouquet' Arrested in Helsinki Under US Charges
A 19-year-old dual US-Estonian citizen known as 'Bouquet' has been arrested in Helsinki on US charges related to the Scattered Spider…
CVE-2026-3854: Critical RCE Vulnerability on GitHub Discovered by AI
CVE-2026-3854 puts GitHub Enterprise Server at risk. Discovered via AI, it allowed RCE. Technical details and patch discrepancies insi…
VECT 2.0 Ransomware: The Critical Bug That Permanently Destroys Encrypted Files
A design flaw turns VECT 2.0 into a wiper: files over 131KB are irreversibly destroyed. Paying the ransom recovers nothing. Here is th…
CVE-2026-25874: Unpatched Critical RCE Found in Hugging Face LeRobot
A critical CVSS 9.3 flaw hits Hugging Face's LeRobot. Learn about the RCE risks and the month-long patch delay following initial discl…
Paragon Spyware: A Year of Silence on the Italian Investigation
Paragon Solutions has not responded to the Italian judiciary on Graphite spyware used against journalists. Here is why the case remain…
Entra ID Vulnerability: Patch for Agent ID Privilege Escalation
Microsoft fixed a vulnerability in Entra ID's Agent ID Administrator role. The bug allowed high-privilege service principal takeover.…
PyPI: Package with 1.1 Million Downloads Hacked to Distribute Infostealer
A PyPI package with 1.1 million monthly downloads was compromised to distribute an infostealer. Analysis of the software supply chain…
Chinese Hacker Extradited to the US: The Xu Zewei Case
Xu Zewei, an alleged Hafnium member arrested in Milan, was extradited to the US. Accused of stealing COVID research, the case sparks a…
GlassWorm v2: 73 Fake VS Code Extensions Discovered on Open VSX
A cluster of 73 malicious extensions linked to GlassWorm v2 discovered on Open VSX. Attackers use sleeper packages to evade security c…
IRSF Fraud via Fake CAPTCHAs: Analysis of the Campaign Active Since 2020
Over 120 campaigns use Keitaro TDS to distribute IRSF scams via fake CAPTCHAs. 17 countries hit, costs up to $30 per victim. Here are…
2023 Flashback: ChatGPT, the Privacy Authority Block, and Data Management
2023 Retrospective: From the Italian Privacy Authority’s ChatGPT ban for non-compliance to the technical glitch exposing Plus users' d…