Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows…
Microsoft is rolling out AI Workflows in the Teams Workflows app, bringing intelligent automation capabilities powered by Microsoft 365 Copilot to help users streamline daily…
Apache NiFi users are being urged to upgrade after the project disclosed a high-severity authorization flaw tracked as CVE-2026-25903. The issue, published on 2026-02-16, can…
A new ransomware-as-a-service (RaaS) outfit calling itself 0APT has quickly drawn attention for all the wrong reasons, after loudly claiming to have compromised around 200 victims while…
The Langchain development team has released a critical security update for the @langchain/community package to address a Server-Side Request Forgery (SSRF) vulnerability. Identified as CVE-2026-26019, this flaw…
The three major cloud-based password managers, such as Bitwarden, LastPass, and Dashlane, collectively serve approximately 60 million users. Despite marketing claims of “zero-knowledge encryption,” the…
A critical vulnerability in the popular CleanTalk Spam Protection plugin for WordPress exposes websites to complete takeover. Tracked as CVE-2026-1490, this high-severity flaw allows unauthenticated…
Joomla site owners using extensions that bundle the Novarain/Tassos Framework are being warned after a source code review identified multiple attack primitives that can be…
Microsoft’s February 10, 2026, Patch Tuesday cumulative update KB5077181 for Windows 11 is being linked to severe boot failures on some devices, with users reporting systems that…
Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics…
The excitement surrounding the Milano-Cortina 2026 Winter Olympics has given cybercriminals a new opportunity to trick fans. The adorable stoat mascots, Tina and Milo, have…
A newly surfaced mobile spyware platform called ZeroDayRAT is rapidly gaining traction across underground Telegram channels. ZeroDayRAT is designed to give attackers complete remote control over both Android and…
