During testing, we found that Codex CLI will automatically load and execute MCP server entries from a project-local configuration whenever codex is run inside that repository. Concretely, if a repo...

The fake sites were identified by their suspicious resource usage and recurring templates. This operation includes two main groups: one with over 750 interconnected sites, 170 of which impersonate ...

North Korea-linked threat actors added 197 new malicious npm packages to spread updated OtterCookie malware as part of the ongoing Contagious Interview campaign, cybersecurity firm Socket warns. T...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25226 Dongyoung Media Tech C...

The ShadowV2 botnet, based on Mirai, has resurfaced, targeting IoT devices across industries. Fortinet assesses that a recent campaign coinciding with an AWS outage in late October 2025 was likely ...

A new campaign, dubbed Shai-hulud 2.0, has been identified targeting cloud and developer ecosystems with a sophisticated malware variant. This updated version builds upon its predecessor by stealin...

Google’s Antigravity, an AI agent development tool released on November 18th, is facing scrutiny due to newly discovered vulnerabilities. Security researchers are cautioning app developers about th...

If the domain hosting the calendar is abandoned and subsequently expires, it opens a dangerous vulnerability. Cybercriminals can re-register these expired domains, effectively hijacking the trust e...

Earlier this month, the Anthropic report assessed with high confidence that a state-sponsored cyber actor backed by the PRC executed an autonomous attack against the U.S. company using AI with mini...

GitLab’s Vulnerability Research team has uncovered a large-scale supply chain attack spreading a destructive malware variant through the npm ecosystem. Once running, the malware aggressively harve...

Bloody Wolf, an actor active since at least late 2023, is expanding its operations in Central Asia, now targeting Kyrgyzstan and Uzbekistan with the NetSupport RAT. The group has been active since ...

Microsoft’s NTLM authentication protocol, while largely superseded by Kerberos, remains a persistent security risk due to its continued use in legacy systems and ease of configuration. Attackers ar...

A cyberattack targeting OnSolve’s CodeRED emergency notification system has disrupted services and potentially exposed user data across multiple US states. The breach forced Crisis24, the provider ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-33194 NVIDIA - DGX Spark ...

New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JS...

Source: Arctic Wolf Excerpt: In September 2025, Arctic Wolf® Labs identified a U.S.-based company that was targeted by RomCom threat actors via SocGholish, operated by TA569. While the typical ini...

A new free AI tool named KawaiiGPT is being leveraged by cybercriminals to automate and simplify a range of attacks, including phishing, ransomware deployment, and data exfiltration. The tool, curr...

The FBI is warning of a significant surge in account takeover (ATO) fraud schemes, with cybercriminals impersonating financial institutions and stealing over $262 million since January 2025. The ag...

On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: they offer unlimited access to more than 2,200 pay-per-view and streaming ...