More results...
A high-severity security vulnerability has been discovered in Python’s asyncio module on Windows, potentially allowing attackers to write data beyond the boundaries of an allocated memory buffer. The flaw, tracked as CVE-2026-3298, was publicly d…
A newly identified cyber threat group, UNC6692, is using a clever mix of social engineering and custom malware to infiltrate corporate networks. By impersonating IT helpdesk personnel on Microsoft Teams, these hackers trick employees into downloading a…
GitLab has released emergency security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE), including three high-severity flaws that could allow attackers to execute malicious code, forge requests, and st…
Apple has rolled out security updates for iPhones and iPads that fix CVE-2026-28950, a logging issue in Notification Services that made devices unexpectedly retain notifications marked for deletion. The vulnerability was patched following a recent repo…
Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.
A critical Server-Side Request Forgery (SSRF) vulnerability in LMDeploy’s vision-language module was exploited in active attacks just 12 hours and 31 minutes after its public disclosure, with no proof-of-concept code required. On April 21, 2026, …
Apple rolled out the security patches for dozens of iPhone and iPad models and generations.
The post Apple Patches iOS Flaw Allowing Recovery of Deleted Chats appeared first on SecurityWeek.
The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges.
The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated info…
Apple recently rolled out iOS 26.4.2 and iPadOS 26.4.2 to patch a critical privacy vulnerability affecting millions of users. Released on April 22, 2026, this vital security update addresses a flaw that could accidentally expose sensitive message data …