Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Two critical Cursor IDE vulnerabilities, dubbed DuneSlide, let prompt injection break the editor's command sandbox with no ...
Cybersecurity teams are reviewing exposed SonicWall firewall interfaces after a sharp burst of internet scanning activity hit SonicOS management endpoints, with almost 597,000 sessions observed on 12 ...
A security researcher published six vulnerabilities in llama.cpp's model-file parser to the oss-security mailing list on May 15, 2026 — and none of them carry an assigned CVE number, meaning standard ...
I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
GitHub yesterday disclosed CVE-2026-3854, a high severity (8.7 CVSS) vulnerability identified in GitHub Enterprise Server that would grant an attacker with push access to a repository to achieve ...
A low-skilled cyber threat actor has been observed leveraging several generative AI (GenAI) tools to deploy a malicious campaign aimed at compromising Fortinet’s FortiGate firewall appliances. In an ...
ESET researchers discovered PromptSpy, the first known Android malware to integrate generative AI directly into its execution flow, marking a new evolution in mobile threats that leverage artificial ...
🔒 CVE-2024-6387 regreSSHion remote code execution vulnerability exploit script usage: regreSSHion.py [-h] -i IP -p PORT [-t] [-c] [-d] [-r] [-x] [-y] [-z] 🔒 CVE ...
Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — some as demo attacks and others already a threat in the wild. The year of ...
ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...
The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team ...