The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Microsoft's prediction that attackers probably wouldn't rush to exploit a newly-patched SharePoint bug hasn't aged especially ...
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
CISA warns that attackers are exploiting Microsoft SharePoint vulnerability CVE-2026-45659, a high-severity remote code ...
Sudo alternatives avoid vulnerabilities, but the better approach is to avoid sudo.
Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Nearby attackers can crash Apple's AirDrop before users see a file transfer request, temporarily disabling AirPlay, Handoff, ...
Multiple Malaysian government websites have been compromised in a series of cyberattacks, the National Cyber Security Agency (NACSA) confirmed. The attacks are believed to have exploited a critical ...