CISA added four exploited flaws to KEV, covering Adobe ColdFusion, Joomla page builders, and Langflow ahead of July 10 fixes.
Researchers at Zimperium have uncovered RedWing, a new Android malware-as-a-service sold through Telegram with subscription tiers, a support bot, and how-to videos. Once installed, it can steal ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
The U.S. Army has fixed two of its websites that were hacked to display messages calling President Trump a "pedophile" and a ...
A practitioner's breakdown of the CSRF attack: how the forged request works, two documented exploits, a manual test, and the ...
Security vendor Sysdig has identified the first real-world case of an agentic ransomware attack, attributed to a financially motivated group called JadePuffer. The AI agent autonomously adapted to ...