Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Forget stolen credentials and misconfigurations; AI means vulnerability exploits that beat patching cycles are the top cause of compromises in the cloud.

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The suspected India-linked threat group targets governments and critical infrastructure using spear-phishing, old flaws, and ...

Movsar Evloev vs. Lerone Murphy continues on the prelims with a fight between Shem Rock and Abdul-Kareem Al-Selwady in the ...

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Google report: AI is accelerating cloud cyberattacks, and one weak link stands out ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...