More results...
OpenAI’s Codex CLI, a command-line tool designed to bring AI-powered reasoning into developer workflows, contains a critical vulnerability that allows attackers to execute arbitrary commands on developer machines without any user interaction or a…
Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide. The most severe flaw threatens the secure boot process, a fundamental security mechani…
CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek.
Security researchers have discovered that modern attackers are abandoning traditional offensive tools and instead weaponizing legitimate Windows utilities to conduct cyberattacks without triggering security alarms. This shift in tactics, known as ̶…
A critical security vulnerability has been discovered in Devolutions Server, a popular centralized password and privileged access management solution. The flaw, rated critical severity by experts, could allow attackers to steal sensitive data or modify…
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed “MonikerLink.” This flaw enables attackers to execute arbitrary code on victi…
Linus Torvalds has officially released Linux 6.18, the latest stable version of the Linux kernel. The announcement came on Sunday, November 30, 2025, marking another milestone for the open-source operating system that powers everything from smartphones…
Cybersecurity firm Cato Networks reveals HashJack, a new AI browser vulnerability using the ‘#’ symbol to hide malicious commands. Microsoft and Perplexity fixed the flaw, but Google’s Gemini remains at risk.
A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS) attacks. The flaw, identified as CVE-2025-54057, affec…
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming “dead man’s switch,” a self-destruct trigger tha…