-
Mozilla has released Firefox 150, addressing a staggering 271 zero-day vulnerabilities. The security team identified these latent flaws using Anthropic’s early-stage Claude Mythos Preview AI model. This massive cleanup represents a major shift in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mozilla has released Firefox 150 to patch 41 security vulnerabilities, including multiple high-severity flaws that could lead to remote code execution. Users should immediately update their browsers to protect against these critical memory corruption a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malicious Google Ads are increasingly being used to steal cryptocurrency by draining wallets and harvesting seed phrases from unsuspecting users searching for legitimate DeFi apps and wallet services. Recent campaigns tracked by SEAL show a sustained, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Infrastructure intelligence firm Infrawatch has exposed a globally distributed SIM Farm-as-a-Service ecosystem powered by a single Belarus-based software platform called ProxySmart, identifying 87 exposed control panels across 17 countries and at least…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open sour…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are turning French freelancer fintech accounts into high-speed money laundering channels, moving stolen funds within minutes often before banks or victims realise anything is wrong. Fintech platforms like Revolut, Wise and N26 allow fast…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have deployed a new destructive malware, dubbed Lotus Wiper , in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort money but to destroy data and disrupt operations permanently. Artifacts from t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoints. The flaw allows attackers to inject malicious client metadata, poten…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Atlassian has disclosed a critical OS Command Injection vulnerability (CVE-2026-21571) in Bamboo Data Centre and Server, with a CVSS score of 9.4, enabling authenticated attackers to execute commands on affected systems remotely. The flaw, tracked as C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is warning that North Korea‑aligned group Jasper Sleet is abusing remote hiring to slip fake IT workers into cloud environments by posing as legitimate staff and then abusing trusted access. Since the pandemic, many companies hire globally, v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
