New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper
î ‚Dec 24, 2025î „Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information…
‘Critical’ WatchGuard Firebox Vulnerability Exploited In Attacks
The vulnerability in WatchGuard’s next-generation firewall ‘poses significant risks,’ the U.S. cybersecurity agency says. A critical-severity vulnerability impacting…
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
î ‚Dec 09, 2025î „Ravie LakshmananMalware / Threat Analysis Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio…
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
î ‚Dec 06, 2025î „Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence…
Private AI Compute Enables Google Inference with Hardware Isolation and Ephemeral Data Design
Google announced Private AI Compute, a system designed to process AI requests using Gemini cloud models while aiming…
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
î ‚Nov 19, 2025î „Ravie LakshmananVulnerability / Threat Intelligence A recently disclosed security flaw impacting 7-Zip has come under active…
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
î ‚Nov 18, 2025î „Ravie LakshmananBrowser Security / Vulnerability Google on Monday released security updates for its Chrome browser to…
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
î ‚Nov 13, 2025î „Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added…
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
î ‚Oct 15, 2025î „Ravie LakshmananVulnerability / Critical Infrastructure Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion…
New DNS Armor Service Helps Google Cloud Workloads Preemptively Block Cyber Threats
Google Cloud has launched DNS Armor, a new cloud-native security service developed in partnership with Infoblox. The service…
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
î ‚Sep 16, 2025î „Ravie LakshmananAd Fraud / Mobile Security A massive ad fraud and click fraud operation dubbed SlopAds…
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads…