A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to session hijacking, unauthorized actions, or…
The number of ransomware attacks observed worldwide held steady in July, increasing by just 1% to 376 recorded cases, according to the latest monthly Threat…
The battle of the AI coding assistants (click for full size) I want to answer the question of how good OpenCode is compared to Claude…
China linked Silk Typhoon targeted diplomats by hijacking web traffic Pierluigi Paganini August 27, 2025 The China-linked APT group Silk Typhoon targeted diplomats by hijacking…
The overwhelming volume of work that needs to be done (click for full size) Every minute, millions of security events flow through corporate networks. Thousands…
Google has released an emergency security update for Chrome to address a critical use-after-free vulnerability (CVE-2025-9478) in the ANGLE graphics library that could allow attackers…
Google Threat Intelligence Group (GTIG) has issued an advisory concerning a broad data theft operation targeting corporate Salesforce instances via the Drift integration. Beginning as…
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches…
Kai: AI-powered coding in Neovim (click for full size) I use LazyVim, btw. lol I’ve been using AI to help with coding for a while…
A sophisticated data exfiltration campaign targeting corporate Salesforce instances has exposed sensitive information from multiple organizations through compromised OAuth tokens associated with the Salesloft Drift…
Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics library that could allow attackers…
A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only…
