security
137 articles tagged with "security"
Tech Feeds
Authentication Patterns with Claude Code: JWT, Sessions, and OAuth Done Right
Authentication is where security mistakes have the most impact. Claude Code needs explicit constraints to generate secure auth implementations. ## Authentication Rules ### JWT - Use RS256 (asymmetric...
Review: Ally WordPress Plugin Unauthenticated SQL Injection (400k+ Sites) and a Repeatable Response Playbook for WordPress Teams
The Ally plugin incident is the exact class of WordPress risk that causes avoidable firefights: unauthenticated SQL injection on a high-install-base plugin, active exploitation, and a short window bet...
14,000 routers are infected by malware that's highly resistant to takedowns
Most of the devices are made by Asus and are located in the US.
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without a...
An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking...
New BeatBanker Android malware poses as Starlink app to hijack devices
A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. [...]
New ‘BlackSanta’ EDR killer spotted targeting HR departments
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. [...]
New 'Zombie ZIP' technique lets malware slip past security tools
A new technique dubbed /'Zombie ZIP/' helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR)...
Dutch govt warns of Signal, WhatsApp account hijacking attacks
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive mes...
Ericsson US discloses data breach after service provider hack
Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to an undisclosed number of employees and customers after hack...
Google: Cloud attacks exploit flaws more than weak credentials
Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days....
Microsoft Teams phishing targets employees with A0Backdoor malware
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Bac...
I Found 9 Agent Identity Projects on GitHub. Only 2 Have Real Users.
I searched GitHub for /'agent identity protocol/' this week and found 9 projects created in 2026 alone. The agent identity space is exploding. Everyone agrees agents need cryptographic identity. Almost...
Cognizant TriZetto breach exposes health data of 3.4 million patients
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive informa...
How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework
GitHub Security Lab Taskflow Agent is very effective at finding Auth Bypasses, IDORs, Token Leaks, and other high-impact vulnerabilities. The post How to scan for vulnerabilities with GitHub Security...
The Future of Iran’s Internet Is More Uncertain Than Ever
Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining.
Hardening Web Applications Against AI Crawlers with SafeLine WAF
AI-powered crawlers have fundamentally changed the threat model of the modern web. Scraping is no longer limited to simple Python scripts with fake User-Agents. Today’s attackers use real Chromium bro...
I Built a Security Scanner Because AI Code Scared Me
Three weeks ago, I was reviewing a pull request that Claude had generated for me. Authentication system, looks clean, tests pass. Ship it. Then I looked closer. The JWT secret was hardcoded. The passw...
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware...
Chinese state hackers target telcos with new malware toolkit
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge de...
FBI arrests suspect linked to $46M crypto theft from US Marshals
A U.S. government contractor's son, accused of stealing more than $46 million in cryptocurrency from the U.S. Marshals Service, was arrested Wednesday on the island of Saint Martin. [...]
FBI investigating hack on its wiretap and surveillance systems: Report
Hackers allegedly broke into the FBI’s networks, according to a report by CNN.
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis. [...]
WordPress membership plugin bug exploited to create admin accounts
Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. [...]
Bitwarden adds support for passkey login on Windows 11
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication. [...]
Cisco warns of max severity Secure FMC flaws giving root access
Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. [...]
Fake LastPass support email threads try to steal vault passwords
Password management software provider LastPass is warning users of a phishing campaign targeting its users with fake unauthorized account access alerts. [...]
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. [...]
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet For...
Lava Lamps Can Actually Create Secure File Encryptions - Here's How
Lava lamps aren't just psychedelic decor. One major internet company uses them to help generate the randomness behind secure encryption keys.
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the...
Microsoft: Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
The multinational Dutch paint company AkzoNobel has confirmed to BleepingComputer that hackers breached the network of one of its U.S. sites. [...]
Who Watches the Agent That Rewrites Itself?
Your AI agent has a SOUL.md file. It defines the agent's values, voice, and boundaries. The agent reads it every session to know who it is. Now ask: who decides when that file changes? Long-running AI...
Alabama man pleads guilty to hacking, extorting hundreds of women
A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors). [...]
Fake Google Security site uses PWA app to steal credentials, MFA codes
A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker tr...
CVE-2026-28415: Open Redirect in Gradio OAuth Flow Enables Phishing Attacks
Open Redirect in Gradio OAuth Flow Enables Phishing Attacks Vulnerability ID: CVE-2026-28415 CVSS Score: 4.3 Published: 2026-03-01 A security vulnerability has been identified in Gradio, a popular...
ClawJacked attack let malicious websites hijack OpenClaw to steal data
Security researchers have disclosed a high-severity vulnerability dubbed /'ClawJacked/' in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally runni...
This simple Linux backup setup saved me from a total disaster
Don't get overwhelmed when it comes to backing up your Linux system. This is what I do.
What if the real risk of AI isn’t deepfakes — but daily whispers?
Most people don’t appreciate the profound threat that AI will soon pose to human agency. A common refrain is that “AI is just a tool,” and like any tool, its benefits and dangers depend on how people...
When AI lies: The rise of alignment faking in autonomous systems
AI is evolving beyond a helpful tool to an autonomous agent, creating new risks for cybersecurity systems. Alignment faking is a new threat where AI essentially “lies” to developers during the trainin...
Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
Merkle Tree Certificate support is already in Chrome. Soon, it will be everywhere.
India disrupts access to popular developer platform Supabase with blocking order
India, one of Supabase’s biggest markets, is seeing patchy access after a government block order.
QuickLens Chrome extension steals crypto, shows ClickFix attack
A Chrome extension named /'QuickLens - Search Screen with Google Lens/' has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of...
NIST Just Launched an AI Agent Standards Initiative. Here's What Developers Should Do Now.
NIST Just Launched an AI Agent Standards Initiative. Here's What Developers Should Do Now. On February 17, 2026, NIST's Center for AI Standards and Innovation (CAISI) announced the AI Agent Standard...
APT37 hackers use new malware to breach air-gapped networks
North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance. [...]
Enterprise MCP adoption is outpacing security controls
AI agents now carry more access and more connections to enterprise systems than any other software in the environment. That makes them a bigger attack surface than anything security teams have had to...
Microsoft testing Windows 11 batch file security improvements
Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. [...]
Previously harmless Google API keys now expose Gemini AI data
Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. [...]
These 3 email headers prove a message is fake — here's how to check
How to verify email authenticity beyond the display name.
This AI Agent Is Designed to Not Go Rogue
The new open source project IronCurtain uses a unique method to secure and constrain AI assistant agents before they flip your digital life upside down.
An Exploit … in CSS?!
Read an explanation of the recent CVE-2026-2441 vulnerability that was labeled a /'CSS exploit/' that /'allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page./' An E...
Fake Next.js job interview tests backdoor developer's devices
The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials,...
Medical device maker UFP Technologies warns of data stolen in cyberattack
American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data. [...]
🚨 Anthropic Just Killed Static Analysis: Inside the New /'Claude Code Security/'
If you’ve ever maintained a production codebase, you know the absolute nightmare that is Application Security (AppSec). When architecting a custom GitHub App—like the secure-pr-reviewer I recently bui...
1Campaign platform helps malicious Google ads evade detection
A newly identified cybercrime service known as 1Campaign is enabling threat actors to run malicious Google Ads that remain online for extended periods while evading scrutiny from security researchers....
Apple users beware — this devious malware can hide its activity while it hijacks your camera and microphone
Predator spyware bypasses iOS camera and microphone indicators by hooking system processes, enabling covert surveillance despite standard privacy protections.
Here’s What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files
The US Justice Department disclosures give fresh clues about how tech companies handle government inquiries about your data.
Phishing campaign targets freight and logistics orgs in the US, Europe
A financially motivated threat group dubbed /'Diesel Vortex/' is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. [...]
Wynn Resorts confirms employee data breach after extortion threat
Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang's data leak site. [...]
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users' sensitive medical information. [...]
Spain arrests suspected hacktivists for DDoSing govt sites
Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutio...
Don't trust AI to come up with a strong new password for you — LLMs are pretty poor at creating new logins, experts warn
AI-generated passwords appear complex yet follow predictable statistical patterns, significantly reducing entropy and increasing brute force vulnerability risks.
Major CarGurus data breach reportedly sees 1.7 million corporate records stolen
CarGurus reportedly hit by ShinyHunters - with devastating effect.
How to protect yourself from SIM swapping
This simple step can avoid a security nightmare.
Japanese tech giant Advantest hit by ransomware attack
Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. [...]
Microsoft Copilot ignored sensitivity labels twice in eight months — and no DLP stack caught either one
For four weeks starting January 21, Microsoft's Copilot read and summarized confidential emails despite every sensitivity label and DLP policy telling it not to. The enforcement points broke inside Mi...
How attackers hit 700 organizations through CX platforms your SOC already approved
CX platforms process billions of unstructured interactions a year: Survey forms, review sites, social feeds, call center transcripts, all flowing into AI engines that trigger automated workflows touch...
Never open a PDF without checking these 3 things first
Execution, integrity, and provenance determine PDF safety.
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
GHSA-PG2V-8XWH-QHCC: The Call Is Coming From Inside the House: OpenClaw SSRF Analysis
The Call Is Coming From Inside the House: OpenClaw SSRF Analysis Vulnerability ID: GHSA-PG2V-8XWH-QHCC CVSS Score: 6.5 Published: 2026-02-18 A classic Server-Side Request Forgery (SSRF) vulnerabili...
Intellexa’s Predator spyware used to hack iPhone of journalist in Angola, research says
Amnesty International says it found evidence that a government customer of Intellexa, a sanctioned surveillance vendor, used its Predator spyware against a prominent journalist in Angola.
AI platforms can be abused for stealthy malware communication
AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. [...]
Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijackin...
Flaws in popular VSCode extensions expose developers to attacks
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local fi...
Password managers' promise that they can't see your vaults isn't always true
Contrary to what password managers say, a server compromise can mean game over.
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. [...]
Eurail says stolen traveler data now up for sale on dark web
Eurail B.V., the operator that provides access to 250,000 kilometers of European railways, confirmed that data stolen in a breach earlier this year is being offered for sale on the dark web. [...]
Man arrested for demanding reward after accidental police data leak
Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received /'something in return...
Sex toy firm hit by data breach - Tenga says hacker infiltrated systems, stole customer data
A Tenga employee fell for a phishing email, and gave away access to a company email account.
Washington Hotel in Japan discloses ransomware infection incident
The Washington Hotel brand in Japan has announced that that its servers were compromised in a ransomware attack, exposing various business data. [...]
Indian pharmacy chain giant exposed customer data and internal systems
A backend flaw in web admin dashboards used by one of India's largest pharmacy chains, exposed thousands of online pharmacy orders.
Secrets Management for LLM Tools: Don’t Let Your OpenAI Keys End Up on GitHub 🚨
/'A practical guide to securing LLM API keys, embeddings, vector TL;DR: If you're building with LLMs and you're not treating secrets as first-class infrastructure, you're already at risk. Every week...
Why I Built AIP: Identity Infrastructure for AI Agents
Why I Built AIP: Identity Infrastructure for AI Agents The Problem No One's Solving There are now hundreds of thousands of AI agents running autonomously — browsing the web, calling APIs,...
Homeland Security reportedly sent hundreds of subpoenas seeking to unmask anti-ICE accounts
The Department of Homeland Security has been increasing pressure on tech companies to identify the owners of accounts that criticize ICE.
Who remembers IRC? Clearly some hackers, as a new Linux botnet uses some incredibly old-school methods to cut costs
SSHStalker botnet uses old IRC communication, automated SSH brute-forcing, cron persistence, and cryptomining to efficiently exploit Linux servers.
Claude LLM artifacts abused to push Mac infostealers in ClickFix attack
Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries. [...]
Fake job recruiters hide malware in developer coding challenges
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches
South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access an...
Apple fixes zero-day flaw used in 'extremely sophisticated' attacks
Apple has released security updates to fix a zero-day vulnerability that was exploited in an /'extremely sophisticated attack/' targeting specific individuals. [...]
Bitwarden introduces ‘Cupid Vault’ for secure password sharing
Bitwarden has launched a new system called 'Cupid Vault' that allows users to safely share passwords with trusted email addresses. [...]
Microsoft: New Windows LNK spoofing issues aren't vulnerabilities
Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. [...]
Romania's oil pipeline operator Conpet confirms data stolen in attack
Romania's national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. [...]
Crazy ransomware gang abuses employee monitoring tool in attacks
A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prep...
New Spyware Can Track Everything You Do On Both Android And iPhone - Here's How To Stay Safe
There are some frightening malware programs out there, so it's always important to be weary of links you click on and websites you visit regularly.
Once-hobbled Lumma Stealer is back with lures that are hard to resist
ClickFix bait, combined with advanced Castleloader malware, is installing Lumma /'at scale./'
Police arrest seller of JokerOTP MFA passcode capturing tool
The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking...
India makes Aadhaar more ubiquitous, but critics say security and privacy concerns remain
India's Aadhaar is moving into wallets, hotels and policing through a new app. Critics say that amid the broader Aadhaar rollout, it's unclear how data shared through the new app would prevent breache...
Malicious 7-Zip site distributes installer laced with proxy tool
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user's computer into a residential proxy node. [...]
New Linux botnet SSHStalker uses old-school IRC for C2 comms
A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations. [...]
North Korean hackers use new macOS malware in crypto-theft attacks
North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector. [...]
A Developer-Friendly Way to Mask API Tokens Without Losing Context
Yooo—real talk for a second. mask-token is a tiny TypeScript utility built for one simple job: hide sensitive tokens without breaking developer ergonomics. It doesn’t try to guess what your token is o...
Chinese cyberspies breach Singapore's four largest telcos
The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. [...]
Hackers exploit SolarWinds WHD flaws to deploy DFIR tool in attacks
Hackers are now exploiting SolarWinds Web Help Desk (WHD) vulnerabilities to gain code execution rights on exposed systems and deploy legitimate tools, including the Velociraptor forensics tools, for...
'Reynolds' Bundles BYOVD With Ransomware Payload
Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique.
TeamPCP Turns Cloud Infrastructure into Crime Bots
The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.
What OpenClaw Teaches Us About Personal AI Security
OpenClaw and gharasathi are both local-first AI assistants. Both run on your own hardware. Both handle personal data. In February 2026, OpenClaw had a very bad month — and the lessons aren't what you...
I switched from LastPass to this open-source password manager that's more secure
Trust broke first. Transparency is what finally fixed it.
How recruitment fraud turned cloud IAM into a $2 billion attack surface
A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. That package exfiltrates all cloud credentials from the developer’...
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. [...]
Germany warns of Signal account hijacking targeting senior figures
Germany's domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. [...]
Malicious packages for dYdX cryptocurrency exchange empties user wallets
Incident is at least the third time the exchange has been targeted by thieves.
Agentic AI Site 'Moltbook' Is Riddled With Security Risks
Someone used AI to build an entire Web platform, which then did something predictable and preventable: It exposed all its data through a publicly accessible API.
EnCase Driver Weaponized as EDR Killers Persist
The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.
ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy r...
Ransomware gang uses ISPsystem VMs for stealthy payload delivery
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider. [...]
Spain's Ministry of Science shuts down systems after breach claims
Spain's Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services. [...]
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
By tapping the unusual .scr file type, attackers leverage /'executables that don't always receive executable-level controls,/' one researcher noted.
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
A third of the /'flipped/' CVEs affected network edge devices, leading one researcher to conclude, /'Ransomware operators are building playbooks around your perimeter./'
Critical n8n flaws disclosed along with public exploits
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server. [...]
Hackers compromise NGINX servers to redirect user traffic
A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's backend infrastructure. [...]
Microsoft releases urgent Office patch. Russian-state hackers pounce.
The window to patch vulnerabilities is shrinking rapidly.
Notepad++ Users, You May Have Been Hacked by China
Suspected Chinese state-backed hackers hijacked the Notepad++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows.
Ransomware Gang Goes Full 'Godfather' With Cartel
Since its launch in 2023, DragonForce has pushed a cartel model, emphasizing cooperation and coordination among ransomware gangs.
GlassWorm Malware Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections.
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28's attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
Attackers Harvest Dropbox Logins Via Fake PDF Lures
A malware-free phishing campaign targets corporate inboxes and asks employees to view /'request orders,/' ultimately leading to Dropbox credential theft.
County Pays $600K to Wrongfully Jailed Pen Testers
Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.
Malicious MoltBot skills used to push password-stealing malware
More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been published in less than a week on the tool's official registry and on GitHub....
New GlassWorm attack targets macOS via compromised OpenVSX extensions
A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems. [...]
Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. [...]
ICE Is Using Palantir’s AI Tools to Sort Through Tips
ICE has been using an AI-powered Palantir system to summarize tips sent to its tip line since last spring, according to a newly released Homeland Security document.
Theorem wants to stop AI-written bugs before they ship — and just raised $6M to do it
As artificial intelligence reshapes software development, a small startup is betting that the industry's next big bottleneck won't be writing code — it will be trusting it. Theorem, a San Francisco-ba...
Engineering Log: LL-298: Invalid Option Strikes Causing C (+2 more)
Building an autonomous AI trading system means things break. Here's what we discovered, fixed, and learned today. The Problem: See full details in lesson ll_298_invalid_strikes_call_legs_fail_jan23 Wh...
Tech Pulse – Weekly Tech Digest January 11, 2026
The article provides a comprehensive overview of key technological advancements showcased at CES 2026, highlighting significant developments in AI, quantum computing, and sustainability. It discusses innovations like autonomous AI agents, advanced GPUs, and breakthroughs in quantum networking, emphasizing their implications for future tech landscapes.
NodeJS 101 — Part 4 🔐 Authorization with JWT
This article provides a comprehensive tutorial on implementing JWT-based authentication in a Node.js application. It covers key concepts such as token creation, middleware for token verification, and best practices for securing routes, making it a valuable resource for developers looking to enhance their API security.