-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an actively exploited flaw in F5 BIG-IP systems. The vulnerability has been officially added to the Known Exploited Vulnerabilities (KEV) catalog, signali…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, in a growing threat now dubbed “prompt poaching.” The rise of AI assistants in everyday browsing has created a usability gap. Most users interac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer significantly harder to spot on Windows endpoints. The new technique relies on built‑in tools such…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Open VSX, the extension marketplace used by VS Code forks such as Cursor and Windsurf, recently fixed a critical vulnerability in its newly introduced pre-publish scanning pipeline that could allow malicious extensions to bypass security checks and go …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web Services (AWS) account hosting parts of the Europa.eu platform. According to an official statement, t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Internet Systems Consortium (ISC) has released critical security advisories addressing three new vulnerabilities in the widely used BIND 9 Domain Name System (DNS) software suite. If left unpatched, remote attackers could exploit these weaknesses t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this security weakness involves embed…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to coincide with the country’s busy tax-filing and corporate restructuring season. The campaign focuses heavily on manufacturers and e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The FBI Cyber Division has issued a critical alert following a massive supply chain attack orchestrated by the threat actor group TeamPCP. The hackers successfully compromised two widely used developer tools, creating a cascading security incident for …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A South Asian financial institution has been hit by a custom malware toolkit combining a modular backdoor, dubbed BRUSHWORM, and a DLL side‑loaded keylogger known as BRUSHLOGGER. The attackers relied on a backdoor initially named paint.exe and a keylo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
