Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. The flaw is tracked as CVE-2026-4020 and received a ...
Przemysław Kapczuk, Expert of Artificial Intelligence. Europe is rapidly increasing its use of artificial intelligence in ...
CISA added four exploited flaws to KEV, covering Adobe ColdFusion, Joomla page builders, and Langflow ahead of July 10 fixes.
Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA's Known ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Adobe’s rapid web-application development platform, Adobe ColdFusion, received a patch earlier this month that fixes several exploits, including CVE-2026-48282. However, users need to ensure they ...
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are ...
The critical libssh2 CVE-2026-55200 flaw inverts SSH security: the remote server attacks the connecting client, no ...
A year ago, ESET Research was part of two major operations that disrupted some of the leading cybercriminal operations at the time, Lumma Stealer and Danabot. More recently, our researchers are once ...
Vulnerability in UpdraftPlus plugin on Awesome Motive’s marketing server enabled CDN compromise and malicious JavaScript injection Malware targeted logged‑in WordPress admins, harvesting tokens and ...
Microsoft Threat Intelligence and Microsoft Defender Experts identified a Windows-based cryptocurrency clipper that has affected users since February of 2026. Clipper malware relies on stealing ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results