Identity

Open bug in VSX allows malicious VS Code extensions to bypass pre-publication security checks

Ravi LakshmananMarch 27, 2026Software Security/DevSecOps Cybersecurity researchers have detailed a patched bug that affects Open VSX’s pre-publication scanning pipeline and allows the tool to bypass the review process and publish malicious Microsoft Visual Studio Code (VS Code) extensions…

Identity

AitM phishing uses Cloudflare turnstile bypass to target TikTok business accounts

Identity

Bearlyfy attacks over 70 Russian companies with custom GenieLocker ransomware

Identity

LangChain, LangGraph flaw exposes files, secrets, and databases of widely used AI framework

Identity

China-linked Red Mensheng uses stealth BPF door implant to spy via communications network

Identity

Flaw in Claude extension enabled zero-click XSS prompt injection via arbitrary websites

Identity

How hackers and art forgers perfected the art of deception

Identity

PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

China’s DeepSeek-R1 AI generates unsafe code when mentioning Tibet or Uighurs in prompt

By November 24, 20250

New research from CrowdStrike reveals that DeepSeek’s artificial intelligence (AI) inference model DeepSeek-R1 creates more…

ShadowPad malware actively exploits WSUS vulnerabilities to gain system-wide access

By November 24, 20250

November 24, 2025Ravi LakshmananMalware/vulnerabilities A recently patched security flaw in Microsoft Windows Server Update Services…

China-linked APT31 launches stealth cyber attack on Russian IT using cloud services

By November 22, 20250

November 22, 2025Rabi LakshmananCyber espionage / cloud security The China-linked Advanced Persistent Threat (APT) group,…

Matrix Push C2 uses browser notifications for fileless, cross-platform phishing attacks

By November 22, 20250

Malicious attackers are leveraging browser notifications as a vector for phishing attacks to distribute malicious…

CISA warns that critical zero-day vulnerability in Oracle Identity Manager is being actively exploited

By November 22, 20250

November 22, 2025Rabi LakshmananZero-day/Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday…

Grafana patch CVSS 10.0 SCIM flaw allows impersonation and privilege escalation

By November 21, 20250

November 21, 2025Rabi LakshmananVulnerability/Threat Mitigation Grafana has released a security update to address a maximum…

What's Hot

Open bug in VSX allows malicious VS Code extensions to bypass pre-publication security checks

AitM phishing uses Cloudflare turnstile bypass to target TikTok business accounts

Live Science Today: A jaw-dropping first glimpse of the birth of a sperm whale and how NASA uses astronauts as test subjects

Identity

Open bug in VSX allows malicious VS Code extensions to bypass pre-publication security checks

AitM phishing uses Cloudflare turnstile bypass to target TikTok business accounts

Bearlyfy attacks over 70 Russian companies with custom GenieLocker ransomware

LangChain, LangGraph flaw exposes files, secrets, and databases of widely used AI framework

China-linked Red Mensheng uses stealth BPF door implant to spy via communications network

Flaw in Claude extension enabled zero-click XSS prompt injection via arbitrary websites

How hackers and art forgers perfected the art of deception

PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

China’s DeepSeek-R1 AI generates unsafe code when mentioning Tibet or Uighurs in prompt

ShadowPad malware actively exploits WSUS vulnerabilities to gain system-wide access

China-linked APT31 launches stealth cyber attack on Russian IT using cloud services

Matrix Push C2 uses browser notifications for fileless, cross-platform phishing attacks

CISA warns that critical zero-day vulnerability in Oracle Identity Manager is being actively exploited

Grafana patch CVSS 10.0 SCIM flaw allows impersonation and privilege escalation

Latest Posts

Open bug in VSX allows malicious VS Code extensions to bypass pre-publication security checks

AitM phishing uses Cloudflare turnstile bypass to target TikTok business accounts

Live Science Today: A jaw-dropping first glimpse of the birth of a sperm whale and how NASA uses astronauts as test subjects

Bearlyfy attacks over 70 Russian companies with custom GenieLocker ransomware

Why the water sector needs to rethink its values

Trending News

Tesla Dojo: Elon Musk’s big plan to build an AI supercomputer, explained

AI Health Coaches Are Coming Soon to a Device Near You

Sudanese Army Plays More Capital Khartoum from RSF | Sudan War News

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

What's Hot

Identity

Latest Posts

Trending News

Subscribe to Updates