Fuji Electric Tellus
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to elevate privileges from user to system, which may then enable the ...
Vulnerability Disclosure
20 articles
Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means
Curl’s lead developer says Mythos claims are marketing, but many in the industry believe the results stem from Curl’s robust security. The post Claude Mythos...
Open WebUI File Upload Vulnerability Enables 1-Click RCE Attack
A critical, unpatched vulnerability is actively threatening Open WebUI users, turning a simple profile picture upload into a gateway for complete system comp...
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years. TL;DR copy.
Škoda confirms unauthorized access to its online shop
Car manufacturer Škoda discovered that attackers had exploited a vulnerability in its online shop software and gained temporary unauthorized access to the sy...
Developer workstations are the new beachhead
I spent the first week of April reading three separate threat intelligence reports that, on the surface, had nothing in common. One covered a North Korean ca...
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data
A critical vulnerability dubbed “ClaudeBleed” has compromised Anthropic’s trusted AI assistant, potentially turning it into a backdoor. This severe design fl...
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security...
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecom...
HEIDI: Free IDE security plugin for open-source vulnerability checks
Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, ins...
Instructure confirms hackers used Canvas flaw to deface portals
Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion mess...
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing tra...
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnera...
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.
PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
Recently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity commun...
New ‘Dirty Frag’ exploit targets Linux kernel for root access
A newly disclosed Linux privilege escalation issue dubbed “Dirty Frag” is giving attackers a cleaner path to post-compromise escalation to root privileges. A...
Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites
Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to d...
Security teams are turning to AI to survive alert overload
The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of s...
New cPanel vulnerabilities could allow file access and remote code execution
cPanel fixed three flaws that could allow file reads, code execution, and privilege escalation. No active exploitation has been reported yet.
Copy Fail and DirtyFrag: Linux Page Cache Bugs in the Wild
This research analyzes the Linux kernel privilege escalation vulnerabilities Copy Fail and DirtyFrag, which exploit subtle page cache corruption bugs to crea...