JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally and encrypted more than 1,300 database records, marking what Sysdig describes as the first documented ...
A ransomware operation that emerged barely 19 months ago has claimed 91 victims — 11 of them in June 2026 alone — by exploiting a critical pre-authentication vulnerability in Citrix NetScaler ...
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, ...
This research is part of a joint initiative between the Cloud Security Alliance (CSA) and OWASP AI Exchange, building upon the previously published Agentic AI Red Teaming Guide. The objective of this ...
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It's unclear why it would work now with Anthropic’s cybersecurity model Mythos.
Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
Research shows signed Git commits can be re-encoded into fresh GitHub Verified hashes without changing files or breaking ...
DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Akrites is a coalition of 19 organizations, including every major AI lab and Wall Street banks, built to defend open-source ...