Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker
Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS key...
20 articles
Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS key...
A critical vulnerability in NGINX’s source code, hidden since 2008, has finally been exposed, and a working exploit is already in the wild. Security research...
A sudden change in GitHub’s token format has triggered an unexpected security vulnerability in Composer, exposing sensitive authentication tokens in CI/CD lo...
A critical, stealthy vulnerability is lurking deep within Exim, the software powering a massive share of the world’s email infrastructure. Sitting exposed on...
The foundation of countless modern applications is under an emerging threat. A severe vulnerability in MongoDB could allow attackers to execute unauthorised ...
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing...
In a massive blow to the global electronics supply chain, manufacturing giant Foxconn has confirmed a major cyberattack on its North American operations. The...
A newly discovered Linux local privilege escalation vulnerability, dubbed “Fragnesia,” is sending shockwaves through the cybersecurity community. This critic...
Seedworm also known as MuddyWater, Temp Zagros, and Static Kitten is widely attributed to Iran’s Ministry of Intelligence and Security (MOIS). An Iran-linked...
A newly disclosed Windows zero-day, YellowKey, is attracting significant attention because it can bypass BitLocker protection and expose data on encrypted dr...
The ultimate irony in cybersecurity has just struck the very tool designed to catch and isolate deadly malware has become an open door for hackers. A newly d...
A newly discovered security flaw in Microsoft Teams for Android could allow attackers to carry out dangerous spoofing attacks. By exploiting improperly secur...
Mobile devices have become ground zero for a ruthless wave of cyberattacks, with invisible threat actors draining bank accounts and hijacking digital identit...
Microsoft has officially released its May 2026 Patch Tuesday updates, delivering critical security fixes and system improvements for multiple Windows 11 vers...
A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySox...
Ransomware is evolving faster than many defenses can keep up. In 2026, attackers are no longer just encrypting files they are systematically dismantling secu...
Infostealer malware is no longer just a consumer nuisance it has become a direct bridge between personal device infections and full-scale enterprise breaches...
Ransomware activity remained elevated in Q1 2026, continuing the trend established over the past year. The latest State of Ransomware Q1 2026 report reveals ...
Hackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT, in a highly sta...
A newly disclosed batch of vulnerabilities in Zoom’s software suite could give attackers the leverage they need to hijack systems. Zoom has released critical...