Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Security researchers say an autonomous AI agent carried out a complete ransomware attack, adapting to failures and executing ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers ...
Spread the love“`html On July 1, 2026, Google rolled out Chrome 151, a substantial update designed to patch an astonishing 382 Chrome vulnerabilities. Among these, 15 were classified as critical flaws ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results