Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA's Known ...
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Dialogflow CX 'Rogue Agent' Flaw Enabled AI Chatbot Data Theft Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a fresh look at their AI ...
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...