A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and government email addresses, including employees from Fortinet, Home…
A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT professionals. The vulnerability CVE-2026-3008,…
A new phishing campaign is actively targeting Indian taxpayers and businesses by impersonating the Income Tax Department of India. Threat actors have built convincing fake…
A new open-source toolkit called pentest-ai-agents is redefining how security professionals leverage AI in penetration testing workflows, transforming Anthropic’s Claude Code into a fully specialized…
State-sponsored threat actors are actively targeting Cisco Firepower devices by chaining known vulnerabilities to deploy a highly customized backdoor. Cisco Talos recently discovered that the…
A critical zero-day vulnerability in the Litecoin network was actively exploited to launch a denial-of-service (DoS) attack, temporarily disrupting operations across major mining pools before…
The GlassWorm supply chain attack targeting the Open VSX marketplace has escalated with the discovery of 73 new “sleeper” extensions. Identified in April 2026, this…
Anthropic’s “Project Deal” has demonstrated that AI agents can autonomously negotiate and close real-world transactions, but the experiment also surfaced a quiet, troubling asymmetry: not…
PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding two actively exploited vulnerabilities in SimpleHelp remote support software. Remote access tools…
OpenAI has announced a new Bio Bug Bounty program for GPT-5.5 as part of its efforts to improve safety controls for advanced AI systems and…
A critical scope overreach vulnerability was recently identified in the Microsoft Entra Agent Identity Platform. The newly introduced Agent ID Administrator role allowed accounts to…
