-
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass sec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers are warning that widely trusted local tools such as macOS’s textutil and KeePassXC can pose unexpected security risks when used within automated workflows. The issue is not traditional vulnerabilities such as memory corruption or code…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and cloud storage for stealthy data theft. The campaign begins with …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenClaw, a rapidly adopted open-source autonomous AI agent framework, has released critical security updates to address three moderate-severity vulnerabilities. Found in npm package versions before 2026.4.20, these complex flaws expose systems to seve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rolled out urgent security updates for its Gemini CLI and the accompanying GitHub Action to address a critical vulnerability. Tracked as GHSA-wpqr-6v78-jr5g, this flaw exposes continuous integration and continuous deployment (CI/CD) pipeline…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both npm and PyPI ecosystems. The malicious activity centers on Namastex.ai, a company t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Tenable has disclosed a high-severity security vulnerability in its Nessus Agent software for Windows that could allow attackers to execute malicious code with full SYSTEM-level privileges. The flaw, tracked as CVE-2026-33694, has been patched in the n…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified ClickFix attack variant is raising concerns among cybersecurity researchers after it was observed replacing traditional PowerShell-based delivery with a stealthier technique leveraging native Windows utilities. The infection begins w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Vidar has evolved from a basic Arkei-based credential stealer into a multi-stage, stealth-focused infostealer that now hides second‑stage payloads within JPEG and TXT files to evade modern defenses. First observed in 2018, Vidar now operates as a matur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have published a working Proof of Concept (PoC) exploit for a critical vulnerability in Metabase Enterprise. Tracked as CVE-2026-33725, this security flaw allows attackers to achieve Remote Code Execution (RCE) and read arbitrary f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
