-
Apache Airflow has patched two separate credential-exposure vulnerabilities in versions before 3.1.6. The flaws could allow attackers to extract sensitive authentication data embedded in proxy configurations and templated workflow fields through log …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Seqrite Labs has uncovered a sophisticated spear-phishing campaign targeting Argentina’s judicial sector with a multi-stage infection chain designed to deploy a stealthy Rust-based Remote Access Trojan (RAT). The campaign primarily targets Argent…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OPNsense team has started the new year with the release of version 25.7.11, bringing a notable networking enhancement: a native host discovery service that deepens visibility into connected devices and tightens policy control across the&#…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Advanced large language models can autonomously develop working exploits for zero-day vulnerabilities, marking a significant shift in the offensive cybersecurity landscape. The research demonstrates that artificial intelligence systems can now perform …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An open-source Android application designed to identify and test devices vulnerable to CVE-2025-36911, a critical authentication bypass flaw in Google’s Fast Pair Bluetooth protocol. The vulnerability, commonly referred to as WhisperPair, affects…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical privilege escalation vulnerability discovered in the Advanced Custom Fields: Extended WordPress plugin threatens over 100,000 active installations. The vulnerability, identified as CVE-2025-14533 with a CVSS score of 9.8, allows unauthentica…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On January 13, 2026, Check Point Research published its analysis of VoidLink, a Chinese-developed Linux malware framework designed to target cloud environments. Following this disclosure, the Sysdig Threat Research Team (TRT) examined VoidLink’s …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TP-Link has disclosed a high-severity authentication bypass vulnerability affecting its VIGI security camera lineup, allowing attackers on local networks to reset administrator passwords without verification. The flaw li…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor “RedLineCyber,” who deliberately impersonates the notorious RedLine Solutions to establish credibility within undergr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google’s Fast Pair technology has revolutionised Bluetooth connectivity, enabling seamless one-tap pairing across supported accessories and account synchronisation for millions of users. However, a critical vulnerability discovered in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
