…push infostealer New npm supply-chain attack self-spreads to steal auth tokens Backdoored PyTorch Lightning package drops credential stealer Hackers compromise Axios npm package to drop cross-platform malware Backdoored Telnyx…
…A relatively new extortion gang known as CoinbaseCartel has claimed the attack by adding Grafana to their data leak site (DLS), although no data has been leaked yet. Grafana Labs is the…
…On the video platform, the attacker drops download links in descriptions and comments. Some of the videos are well-made, featuring voice-over narration for authenticity, and have accumulated more than 7…
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in the Commerce Cloud enterprise-grade e-commerce platform and the S/4HANA ERP…
…New Langflow flaw actively exploited to hijack AI workflows New critical Exim mailer flaw allows remote code execution Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator AI Artificial Intelligence NGINX…
…running client Windows platforms (i.e., Windows 11 25H2, Windows 11 24H2, and Windows 11 23H2). Microsoft says that impacted Windows devices installed recommended driver updates without user approval, even when driver…
…The platform offers corporate, residential, and mobile proxies for monthly subscriptions between $5 and $15, with discounts for bulk purchases. Although such services often comprise IPs that voluntarily donate bandwidth by using…
…Drupal website administrators should continue to monitor the platform’s official security portal throughout the day for more information and prepare to apply the security update as soon as it’s made…
…Formerly known as Cisco Tetration, Cisco Secure Workload helps admins reduce their network's attack surface through zero trust microsegmentation and stop lateral movement to keep business applications safe. Tracked as CVE…
