-
A newly identified malware framework dubbed PCPJack is targeting exposed cloud and container infrastructure to steal credentials at scale while actively removing artifacts linked to the TeamPCP threat actor. Unlike typical cloud-focused campaigns, PCPJ…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed “Dirty Frag”. This universal local privilege escalation vulnerability allows attackers to obtain root access across most major Linux distributions reliably. Becaus…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new distribution method for the NWHStealer infostealer that leverages the Bun JavaScript runtime, marking a significant evolution in the malware’s delivery infrastructure. The threat actors behind this Rust-based stealer are exploiting Bun̵…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to sev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
28 fake “call history” utilities on Google Play, collectively installed more than 7.3 million times, have been exposed as subscription scams that generate fabricated logs instead of real phone records, with several also bypassing Google’s official bill…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a newly identified, severe vulnerability within Palo Alto Networks PAN-OS. Officially tracked as CVE-2026-0300, this critical flaw was aggressively added…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have abused commercial Claude AI models to help compromise a Mexican water and drainage utility’s IT network and probe systems connected to critical infrastructure. The attackers used Claude as an operational “copilot” to discover industrial sy…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has officially announced a massive strategic partnership with SpaceX to expand its computing capabilities significantly. This collaboration aims to provide the necessary infrastructure to scale up the Claude artificial intelligence ecosystem….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow attackers to access arbitrary files, leak Google Cloud Platform (GCP) sec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing fake Claude AI installer pages promoted through Google Ads to trick users into running malware in a campaign. The operation combines highly realistic install guides with a stealthy, multi‑stage infection chain that abuses trusted Wi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
