-
A newly discovered jailbreak technique named “sockpuppeting” successfully forces 11 leading artificial intelligence models, including ChatGPT, Claude, and Gemini, to bypass their safety guardrails. By exploiting a standard application progr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace. GlassWorm is not new. Researchers have tracked the campaign since March 2025, when attackers …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DesckVB RAT is emerging as a highly active and stealthy malware threat in 2026, leveraging layered obfuscation and fileless execution techniques to bypass traditional security defenses. The attack chain begins with a malicious JavaScript file that hide…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web portal that allows administrators to create and manage secure cloud-based research environments. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
For years, WhatsApp required users to share their personal phone numbers to communicate. This is finally changing. To improve user privacy and mitigate risks like doxing or targeted spam, WhatsApp is rolling out a highly anticipated username feature. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing ClickFix commands and booby-trapping DMG installers to deliver a new macOS stealer called notnullOSX, built to loot high-value crypto wallets from Mac users. The story starts with 0xFFF, a malware developer who abruptly quit a major…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and steal shopper payment data …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google D…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A refreshed ClickFix campaign that swaps macOS Terminal for Script Editor to deliver an Atomic Stealer payload to unsuspecting Mac users quietly. By abusing the applescript:// URL scheme, attackers sidestep Apple’s new paste-protection in Terminal on m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score of 9.8. It allows remote, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
