A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
Adobe has urged ColdFusion customers to patch their instances immediately after at least one maximum severity flaw was ...
Attackers can exploit how AI bots hallucinate software URLs to create massive botnets. The vulnerability is endemic to every ...
The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...
Summer Finance—a yield aggregation and automated vault management platform formerly known as Oasis.app—has fallen victim to an exploit that drained roughly $6 ...
SecondFi is done. The Cardano-linked wallet firm won't resume normal business — it's pivoting entirely to getting stolen ...
A researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every ...
Attackers drained about $830,000 in USDC from Hinkal on July 3, nearly matching the privacy protocol’s total value locked across five blockchains. Blockchain se ...
Researchers at XM Cyber have discovered a method to attack a Mac without requiring a kernel exploit or bypassing macOS’s ...
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. The flaw is tracked as CVE-2026-4020 and received a ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.