Firefox v147.0.3 Released Mozilla has released Firefox version 147.0.3, addressing a critical memory-related flaw that could allow attackers to execute arbitrary code by exploiting a heap…
Cybercriminals have discovered a new attack surface in the world of personal AI assistants. Recent investigations show that infostealers now target OpenClaw configuration files to…
Keenadu Android Malware A sophisticated new Android backdoor that infects device firmware at the build stage and spreads through Google Play apps, enabling attackers to…
Langchain Community SSRF Bypass Vulnerability A Server‑Side Request Forgery (SSRF) vulnerability has been identified in the langchain/community package, affecting versions up to 1.1.13. The flaw, tracked as CVE‑2026‑26019, has…
Apache NiFi Vulnerability A newly disclosed high-severity vulnerability in Apache NiFi exposes systems to an authorization bypass that could allow lower-privileged users to modify restricted…
Malicious Chrome Extension Steals Facebook Business Manage 2FA Codes A malicious Chrome extension that claims to help Meta Business users quietly steals Facebook Business Manager 2FA…
Password Managers Vulnerability Researchers from ETH Zurich have uncovered 25 serious vulnerabilities in three leading cloud-based password managers: Bitwarden, LastPass, and Dashlane. These flaws enable…
Palo Alto Networks and CyberArk Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark $25 billion deal.…
The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive…
Cybercriminals are targeting fans of the Milano Cortina 2026 Winter Olympics through an extensive network of fake online merchandise stores designed to steal payment information…
Joomla Novarain/Tassos Framework Vulnerabilities Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection…
Single IP Dominates Ivanti EPMM with RCE Vulnerability A critical remote code execution (RCE) flaw in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281, is…
