vulnerabilities
-
The DMA Evolution: EU Proposes Mandatory Search Data Interoperability for Google
The regulatory landscape for Big Tech is undergoing a seismic shift. In a move aimed at dismantling the data silos…
-
Critical Security Alert: RCE Vulnerabilities in Google’s Gemini CLI and GitHub Actions
Google has issued an urgent security advisory following the discovery of critical vulnerabilities within the Gemini CLI and its integrated…
-
Securing Autonomous Agents: OpenClaw Patches Critical Policy Bypass and Credential Leak Vulnerabilities
As the adoption of autonomous AI agent frameworks accelerates, the attack surface for these highly capable systems expands alongside them.…
-
Tenable Nessus Agent Vulnerability (CVE‑2026‑33694): Local Junction‑Point Privilege Escalation
In a significant security update, Tenable has disclosed a high-severity vulnerability within its Nessus Agent software for Windows environments. While…
-
Chaining Vulnerabilities to Achieve Root Access in CODESYS Soft PLCs
Recent research published by Nozomi Networks Labs has uncovered a sophisticated exploit chain targeting the CODESYS Control runtime. By leveraging…
-
Securing the Frontier: OpenAI’s GPT-5.5 Bio Bug Bounty Program Aims to Improve AI Safety and Performance
As large language models (LLMs) transition from general-purpose assistants to highly sophisticated cognitive engines, the surface area for potential misuse…
-
The Invisible Shadow: How Signaling Vulnerabilities Enable Global Mobile Surveillance
A groundbreaking investigation by Citizen Lab has pulled back the curtain on a series of sophisticated, multi-year surveillance campaigns that…
-
NCSC-UK Warns of China-Linked Covert Networks Using Hijacked IoT Devices
The UK’s National Cyber Security Centre (NCSC), along with international partners, has issued a joint warning about a growing trend…
-
GitLab Issues Emergency Patches for 11 Vulnerabilities
GitLab has issued an urgent security advisory following the discovery of 11 distinct vulnerabilities affecting both its Community Edition (CE)…
-
The Evolution of Deception: Unmasking North Korean ‘Laptop Farms’ and Remote Work Infiltration
North Korean threat actors are refining a high-stakes social engineering playbook, leveraging the global shift toward remote work to bypass…
-
The Industrialization of Web3 Theft: How HexagonalRodent Leverages AI and Social Engineering to Loot Developers
In a sophisticated evolution of North Korean cyber operations, a threat actor group known as HexagonalRodent is systematically targeting the…
-
The Multi-Stage Supply Chain Compromise of Checkmarx KICS
In a sophisticated demonstration of supply chain exploitation, the official Checkmarx KICS (Keeping Infrastructure as Code Secure) ecosystem has fallen…
-
Precision Targeting: Deconstructing the notnullOSX macOS Stealer Campaign
A sophisticated new cyber-threat has emerged in the macOS ecosystem, targeting high-net-worth individuals through a highly curated social engineering campaign.…
-
Mozilla Leveraged Claude Mythos to Patch 271 Zero-Day Vulnerabilities
In a landmark release for web browser security, Mozilla has deployed Firefox 150, a version defined by an unprecedented security…
-
Mozilla MFSA-2026-30: Critical Memory Safety & Privilege Escalation Fixes for Firefox 150 & Thunderbird 150
Mozilla has released a comprehensive security advisory (MFSA-2026-30) addressing a significant cluster of vulnerabilities affecting various components of the Firefox…
-
Critical OS Command Injection Vulnerability (CVE-2026-21571) Identified in Atlassian Bamboo
Atlassian has issued a critical security advisory regarding a high-impact OS Command Injection vulnerability, tracked as CVE-2026-21571, affecting Atlassian Bamboo…
-
Security Advisory: Discovery of “Auraboros,” an Unauthenticated, High-Capability RAT Framework
In a significant finding for the threat intelligence community, a previously undocumented Remote Access Trojan (RAT) framework, dubbed Auraboros, has…
-
Claude Mythos Breach Exposes Critical Flaw in AI Security Supply Chains
In a significant blow to the specialized AI security sector, a group of unauthorized actors has successfully bypassed multi-layered access…