The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...

Hands-on NDR testing reveals AI-assisted threat hunting, deep network visibility, and SOC workflow integration benefits.

Practical DevSecOps launches the Certified Security Champion course to help orgs bridge the talent gap by upskilling ...

Rupantar study reveals Bangladesh’s online extremist network, led by AQIS, has expanded into mainstream social media, ...

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

As AI gets more heavily integrated into Windows, enhanced cybersecurity is required to prevent it from being used against us. Take Reprompt, for example. Reprompt is a Copilot exploit, that can use ...

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a ...