The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers.
Spread the love“`html On July 1, 2026, Google rolled out Chrome 151, a substantial update designed to patch an astonishing 382 Chrome vulnerabilities. Among these, 15 were classified as critical flaws ...
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories ...
A set of 13 exploits were released by the Shadow Brokers hacker group, with Microsoft providing a rapid response, downplaying ...
OS 26.5.2 security update arrives weeks early as Apple adapts to AI tools that compress vulnerability discovery into hours.
The critical libssh2 CVE-2026-55200 flaw inverts SSH security: the remote server attacks the connecting client, no ...
Multiple Malaysian government websites have been compromised in a series of cyberattacks, the National Cyber Security Agency (NACSA) confirmed. The attacks are believed to have exploited a critical ...
The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...
New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results