Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. The flaw is tracked as CVE-2026-4020 and received a ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Przemysław Kapczuk, Expert of Artificial Intelligence. Europe is rapidly increasing its use of artificial intelligence in ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Exploit for "Bad Epoll" Linux kernel vulnerability (CVE-2026-46242) can lead to root access on desktops, servers, and Android ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
The critical libssh2 CVE-2026-55200 flaw inverts SSH security: the remote server attacks the connecting client, no ...
A year ago, ESET Research was part of two major operations that disrupted some of the leading cybercriminal operations at the time, Lumma Stealer and Danabot. More recently, our researchers are once ...
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The ...
The US Bureau of Land Management (BLM) has completed an oil and gas lease sale in the Coastal Plain of the Arctic National Wildlife Refuge (ANWR) in Alaska, awarding five leases and generating $3.74m ...
Microsoft Threat Intelligence and Microsoft Defender Experts identified a Windows-based cryptocurrency clipper that has affected users since February of 2026. Clipper malware relies on stealing ...