Experts published unpatched Windows zero-day BlueHammer
Experts published unpatched Windows zero-day BlueHammer Pierluigi Paganini April 07, 2026 A researcher leaked the unpatched Windows zero-day…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 88
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 88 Pierluigi Paganini March 15, 2026 Security Affairs Malware newsletter includes a collection…
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
î „Ravie Lakshmananî ‚Jan 26, 2026AI Security / Vulnerability Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS…
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
î ‚Dec 23, 2025î „Ravie LakshmananVulnerability / Workflow Automation A critical security vulnerability has been disclosed in the n8n workflow…
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
î ‚Dec 19, 2025î „Ravie LakshmananVulnerability / Network Security WatchGuard has released fixes to address a critical security flaw in…
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every…
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
î ‚Dec 13, 2025î „Ravie LakshmananZero-Day / Vulnerability Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS,…
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
î ‚Dec 05, 2025î „Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing…
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem…
Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
î ‚Nov 07, 2025î „Ravie LakshmananMobile Security / Vulnerability A now-patched security flaw in Samsung Galaxy Android devices was exploited…
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related…