Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic’s Claude Opus large language model (LLM). The package… Read More »New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren’t… Read More »Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting… Read More »What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects… Read More »Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence… Read More »CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in… Read More »LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single… Read More »Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). “The… Read More »Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across… Read More »VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done.… Read More »Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About