In this article During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw…
Everyone has heard the saying that “time is money,” but there is one big difference between the two: you can’t make more time, so you…
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular…
A financially motivated threat group called Storm-2755 has launched a campaign that quietly reroutes employee salary payments to attacker-controlled bank accounts. Targeting Canadian workers, the…
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145…
“I don’t care what that report says, the threat actor has to be utilizing vector #1 because that is what our threat model says they’ll…
A new report from Infoblox Threat Intel connects two issues that are often discussed separately but rarely proven to be linked. The company says it…
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have…
ClickFix campaigns are looking for alternatives now that many Mac users have been made aware of the dangers of pasting certain commands into Terminal. Researchers…
Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within…
OpenAI has paused plans for its Stargate UK investment, which was to take place in concert with artificial intelligence (AI) datacentre builder Nscale and in…
The U.S. Department of the Treasury has unveiled a new digital asset cybersecurity initiative, aimed at strengthening defenses across the rapidly growing digital asset ecosystem.…
