VS Code 1.26 prevents automatic code execution for new project folders, lets users configure whether code can be executed ...
GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Urgent Chrome update: An emergency Chrome patch was issued on June 9, 2026 to address CVE-2026-11645 in the V8 JavaScript engine. V8 engine flaw: The vulnerability stems from an out-of-bounds ...
The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said. Microsoft Threat Intelligence is warning Windows users ...