…With Microsoft having fixed CVE-2026-42824, there’s no user action required to mitigate this threat. Varonis underscores that familiar, easily contained bugs like SSRF and HTML injection race conditions can…
BTMOB Android malware service generates custom phishing payloads By Bill Toulas May 28, 2026 05:10 PM An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface…
SimpleHelp bug lets hackers create rogue remote support accounts By Bill Toulas June 15, 2026 04:06 PM A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged…
…2026-44748 . “This may result in acceptance of tampered identity information leading to unauthorized access to sensitive user data and potential disruption of normal system usage.” In the case of CVE-2026…
…CVE-2026-5027 is a high-severity path traversal flaw in Langflow's file upload functionality that fails to properly sanitize user-supplied filenames. "The 'POST /api/v2/files' endpoint does not…
USB worm spreads crypto-stealing malware via Windows shortcut files By Bill Toulas June 18, 2026 12:20 PM Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self…
…Discord or Telegram admins privately messaging users first. Websites asking users to disable wallet security protections. Wallet drained immediately after signing a message instead of sending funds manually. Any platform pressuring users…
…Users who deploy it locally without exposing the API server online along with those using the Rust front-end, are not affected by CVE-2026-45829. According to HiddenLayer, a vulnerable API…
…Users of vm2 are recommended to upgrade to version 3.10.5 or later ( latest is 3.11.2 ) as soon as possible to mitigate the risk of CVE-2026-26956 exploitation…
OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models By Mayank Parmar June 2, 2026 06:44 PM OpenAI says it's rolling out a new update that…