Cline is a CLI npm package that is a simple AI assistant. Recently, it experienced a supply chain compromise via a unique prompt-injection bug. The package used the GitHub Action claude-code-action...
ConnectWise security advisory (AV26-257)
Google Chrome security advisory (AV26-256)
Jenkins security advisory (AV26-255)
Identity protection company Aura has confirmed that an authorized party gained access to nearly 900,000 customer records containing names and email addresses. [...]
Roundcube security advisory (AV26-254)
Citrix security advisory (AV26-253)
VMware security advisory (AV26-252)
Interlock's post-exploit toolkit exposed. Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more...
Italian prosecutors have confirmed the hacking of journalist Francesco Cancellato, who was alerted of a suspected attack last year.
Atlassian security advisory (AV26-251)
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo....
Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can grant attackers extensive control over compromised...
Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to...
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). [...]
A curated list of resources on how the EVM functions and security patterns.
Claude classifies skills into two buckets: capability uplift and encoded preference. The former is for getting Claude to perform actions that it cannot do by itself. The second is something that...
The author of this post was reviewing a target that had an interactive playground for developers to write and evaluate JavaScript to interact with a developer API. This is a great attack surface...
Mitel security advisory (AV26-250)
QEMU is a machine emulator and virtualizer that lets a host system run guest operating systems of any architecture. For this post, they decided to review Virtio Devices because they require an...
GNU security advisory (AV26-249)
Apple security advisory (AV26-248)
[Control Systems] Phoenix Contact Security Advisory (AV26-247)
ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation. [...]
A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.
Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in...
The kit, named Darksword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests.
This blog is the latest in a series that delves into the deep research conducted daily by the LevelBlue SpiderLabs team on major threat actor groups currently operating globally. It is an overview...
Researchers map full org chart of the scam from dodgy recruiters to helpful Western collaborators. Researchers at IBM X‑Force and Flare Research have uncovered data that sheds light on how North...
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS...