Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee installed it. For several days, that extension ran quietly on the developer’s ...
Hey Purple Community — we're back! 👋 Welcome to the May edition of Code Purple. This month, the threat landscape made one thing unmistakably clear: AI isn't just a tool for defenders anymore.
Remote Code Execution is the crown jewel of vulnerabilities, the one that lets an attacker run their own code on your infrastructure, from anywhere in the world. Understanding it deeply is ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities ( KEV ) catalog ...
"In addition, the ransomware is also capable of scanning multiple endpoints for the Log4j vulnerability (Log4shell) using Nmap NSE script ." AvosLocker , one of the newer ransomware families to fill ...
Blockaid said an attacker tricked Jaredfromsubway.eth into approving fake trading routes, then used those approvals to drain ...
Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Claude Mythos Preview autonomously built 16 working exploits targeting Firefox and Windows vulnerabilities within hours.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results