OWASP Backs New Terminal Based Tool for Developer Vulnerability Scanning
OWASP has formally recognized a new open source dependency scanner that runs directly in the developer terminal and produces concrete fix commands rather than simple vulnerability listings.
The Latest
VS Code Introduces Two Hour Delay for Extension Updates to Thwart Supply Chain Attacks
Microsoft's two hour auto update delay for VS Code extensions gives the community a window to catch malicious releases before…
Claude Code MCP Token Theft Via Malicious npm Package Exposed
A five step attack chain uses a malicious npm package to silently redirect Claude Code MCP traffic and steal OAuth…
Password Manager Provider Reports Limited Vault Exposure Following Account Attack
Fewer than 20 Dashlane personal plan users had their encrypted vaults downloaded after an attacker targeted device registration API endpoints…
SolarWinds Serv-U Flaw Added to US Government Alert List After Attacks Detected
The denial of service bug in SolarWinds Serv-U requires no authentication and has been observed under active attack, prompting a…
Attackers Use Teams and Cloud Storage to Breach Systems in Under 20 Minutes
Attackers used email bombing to set up a fake IT helpdesk call on Teams, then deployed cloud based malware within…
Instagram Password Reset Logic Bug Exposed User Contact Details
A logic bug in Instagram's password reset interface briefly revealed full email addresses and phone numbers including those of Meta…
Typosquatted Python Package on PyPI Sneaks Telegram Backdoor to Developers
A typosquatted Python package on PyPI impersonating a popular parser library deployed a Telegram backdoor to steal credentials and API…
Red Team Rollout of Anthropic AI Model Hits Early Security Snag
A restricted security evaluation of Anthropic's next generation AI model was disrupted when unauthorized API access was resold through a…
New npm Malware Campaign Spreads Self-Replicating Rust-Based Stealer
Over 50 trojanized npm packages deliver a Rust-based stealer named IronWorm that uses stolen credentials to self-replicate across the supply…
Google Addresses 124 Android Flaws in June 2026 Security Update Amid Active Exploit
Google's June 2026 Android security update patches 124 vulnerabilities, including one high severity Framework flaw already exploited in limited targeted attacks.
Smart TV Apps Secretly Enlist Home Networks in AI Data Harvesting
Millions of smart TVs are being turned into covert proxy nodes for AI training data collection through an SDK hidden…
OpenAI Rolls Out ChatGPT Lockdown Mode to Block Data Theft Via Prompt Injection
OpenAI's Lockdown Mode blocks the data exfiltration step of prompt injection attacks by restricting outbound network requests and disabling several…
Most SOCs See Little Return from AI Investments, Study Finds
A new study reveals that 71% of SOCs report little to no value from AI despite massive adoption growth across…
Spotlight
Self-Replicating Miasma Worm Breaches Dozens of Microsoft GitHub Repositories
The Miasma worm has compromised 73 Microsoft GitHub repositories across four organizations, with attackers exploiting previously compromised credentials to spread through interconnected projects.
Active Attacks Target Remote Code Execution Flaw in Everest Forms WordPress Plugin
Threat actors are actively exploiting a critical vulnerability in the Everest Forms Pro WordPress plugin to inject arbitrary PHP code and take over affected websites.
Critical Path Validation Flaw in Microsoft Edge Opens Door to Remote Code Execution
The critical Edge vulnerability exploits a path validation defect in feedback log processing, enabling code execution through compromised webpages or malicious files.
Windows Driver Update Policies Overridden by Microsoft 365 Outage
A Microsoft 365 service glitch caused a caching failure that made managed Windows devices appear unenrolled, allowing automatic driver installations despite configured enterprise policies.
Features
Fake Security Tool Sites Deliver Stealth Malware to Researchers
Attackers are using cloned websites for Ghidra, dnSpy, and SpiderFoot to funnel security researchers through a traffic filtering system that…
Custom Web Shell Framework Found Targeting Microsoft IIS Servers
A new China linked threat group called OP-512 is using three custom web shells with timestamp manipulation to compromise Microsoft…
Cybercriminals Exploit FIFA 2026 Hype with Lookalike Domains and Account Takeovers
A coordinated phishing campaign using over 300 cloned FIFA sites is targeting fans ahead of the 2026 World Cup, aiming…
Active Attacks Target Cisco SD-WAN Manager Flaw With No Available Fix
Cisco warns that a high severity command injection flaw in Catalyst SD WAN Manager is under active exploitation, with no…
Autonomous Agent Discovers Two Decades of Hidden Flaws in FFmpeg Media Library
An autonomous AI agent found 21 previously undetected flaws in the FFmpeg media library, including a bug that had remained…
Microsoft Releases Urgent Patches for SharePoint Remote Code Execution Bug
A newly patched SharePoint vulnerability lets authenticated users with basic permissions execute code remotely on servers, prompting Microsoft to push…
