Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of malware variants.

To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...

Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of ...

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...

Researchers disclose rapid exploit chain that let attackers run code via a single malicious web page Security issues continue ...

A serious vulnerability in Instagram allowed attackers to access private photos and captions without authentication.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.