Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has…
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has…
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and…
Ravie LakshmananJun 30, 2026Artificial Intelligence / Vulnerability Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three…
Ravie LakshmananJun 29, 2026Threat Intelligence / Malware The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware…
Swati KhandelwalJun 29, 2026Browser Security / Web Security Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly…
Ravie LakshmananJun 29, 2026Privacy / Social Media WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the…
The Hacker NewsJun 29, 2026Quantum Computing / Non-Human Identity Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the…
Swati KhandelwalJun 29, 2026Vulnerability / Open Source A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or…
Ravie LakshmananJun 23, 2026Workflow Security / Software Supply Chain GitHub is moving to strengthen software supply chain security by updating “actions/checkout” to block pwn request…
Ravie LakshmananJun 24, 2026Vulnerability / Network Security Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified…
Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite…
Swati KhandelwalJun 26, 2026Phishing / Malware An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026,…