Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
CISA added CVE-2026-45659 SharePoint Server RCE to KEV following confirmed exploitation, requiring U.S. agencies to patch by ...
CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers ...
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution ...
A set of 13 exploits were released by the Shadow Brokers hacker group, with Microsoft providing a rapid response, downplaying ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Agentic security company Straiker Inc. today revealed that it has raised $64 million in new funding to expand a platform ...
Multiple Malaysian government websites have been compromised in a series of cyberattacks, the National Cyber Security Agency (NACSA) confirmed. The attacks are believed to have exploited a critical ...
Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...