Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public disclosure.

RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Forget stolen credentials and misconfigurations; AI means vulnerability exploits that beat patching cycles are the top cause of compromises in the cloud.

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The suspected India-linked threat group targets governments and critical infrastructure using spear-phishing, old flaws, and ...

Google report: AI is accelerating cloud cyberattacks, and one weak link stands out ...

Microsoft has rolled out fixes for 83 vulnerabilities in its products, including a critical bug, but none of them require ...