Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Microsoft’s geospatial data service is designed to help research projects using public satellite and sensor information.

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 ...

Microsoft used Nvidia's GTC conference this week to roll out a series of enterprise AI announcements spanning agent infrastructure, real-time voice interactions and next-generation GPU deployments.

Learn how to protect Model Context Protocol (MCP) from quantum-enabled adversarial attacks using automated threat detection and post-quantum security.

When custom tools beat built-in ones.

AI has made cyberwar fast, cheap and autonomous, reshaping power and security for states, companies and criminals ...

A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...