A Two-Year-Old JavaScript Worm Locked Wikipedia
A rogue script quietly planted in Russian Wikipedia in March 2024 lay undetected until a Wikimedia Foundation security engineer inadvertently woke it…
Security
Google Uncovers "Coruna": The iOS Exploit Kit That Jumped From Spies to Scammers
Google's Threat Intelligence Group (GTIG) has pulled back the curtain on one of the most technically accomplished iOS exploit kits ever documente…
7 Best Next Gen Endpoint Security Platforms in 2026
Endpoint security has evolved from reactive malware prevention into a strategic control layer embedded across identity, cloud, SaaS, and AI-driven op…
Google Is Testing the HTTPS Replacement Designed to Outlast Quantum Computers
The padlock icon in your browser is about to undergo its most radical overhaul in 30 years. Google has cracked a problem that had the security commun…
New AirSnitch Attack Bypasses WPA2 and WPA3 Client Isolation
What security feature did your router vendor quietly add to stop Wi-Fi users from attacking each other? It doesn't work. A team of academic resea…
Hackers Could Hijack Your Machine Just by Sharing a Git Repo — Claude Code Users Were at Risk
Developers who use Anthropic's Claude Code to write software with AI assistance were sitting on a serious security blind spot: cloning the wrong …
n8n Hit Again: Critical RCE Flaw Lets Attackers Hijack Servers by Chaining Three Harmless-Looking Nodes
Security researcher Fatih Çelik has disclosed yet another critical remote code execution (RCE) vulnerability in n8n, the popular open-source workflow…
Chinese Hackers Hid Spy Commands Inside Google Sheets to Infiltrate 53 Telecoms Across 42 Countries
For nearly a decade, a suspected Chinese state-backed hacking group quietly burrowed into the world's phone networks — and they did it hiding in …
Chinese AI Labs Ran 16 Million Fake Conversations With Claude to Steal Its Capabilities
Anthropic has uncovered one of the most sophisticated AI theft operations to date — and the evidence points directly at three Chinese labs. In a disc…
PayPal's Loan App Bug Leaked SSNs for Six Months — And Nobody Noticed
A software coding error — not a hacker — is behind PayPal's latest data breach disclosure. The company began sending formal breach notification l…
Your New Android Tablet May Have Been Compromised Before You Even Opened the Box
A new Android backdoor called Keenadu was shipped inside tablet firmware before devices ever reached consumers' hands — and it's already clai…
Critical Flaws Exposed in zkLogin: Zero-Knowledge Proofs Can't Fix Broken Authentication
Brave Software researchers have disclosed critical vulnerabilities in zkLogin, a widely-deployed blockchain authentication system used across the Sui…
Hackers Are Now Calling AI to Write Malware On-the-Fly, Google Warns
Nation-state hackers have crossed a troubling threshold: they're now weaponising commercial AI to generate malicious code dynamically during acti…
Credential-Stealing Flaw in Ivanti EPM Lets Hackers Waltz Past Authentication
Ivanti just patched a critical authentication bypass in its Endpoint Manager that hands attackers stored credentials on a silver platter—no login req…
Critical RCE Flaw in Popular Manga Translation Tool Exposes Thousands to Takeover
A critical security vulnerability in manga-image-translator, a widely used open-source OCR tool with over 9,300 GitHub stars, allows attackers to exe…
New Notepad Flaw That Lets Hackers Execute Code via Markdown Files
Microsoft patched a serious security hole in Windows Notepad this week that could allow attackers to remotely execute malicious code on victims' …
5 Best AI AppSec Tools in 2026
Application security did not become harder because organisations lack tools. It became harder because risk no longer lives in one place. Modern appli…