CISA flags new SD-WAN flaw as actively exploited in attacks

CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

Mythos remains a mystery as security world faces rising threats, agentic attacks and concerns about AI integrity

Mythos remains a mystery as security world faces rising threats, agentic attacks and concerns about AI integrity - ...
Dark Reading

Exploits Turn Windows Defender into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...
CoinDesk

Crypto's massive exploit may force big banks to rethink their blockchain plans, Jefferies warns

The $293 million Kelp DAO exploit has exposed critical infrastructure risks, leading Jefferies to suggest that traditional ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...
CSO Online

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Now that an attacker can use an LLM to weaponize a bug the minute it's found, taking 12 days to patch ‘is essentially a ...
CoinDesk

KelpDAO hackers are laundering millions in stolen crypto, data show

KelpDAO hackers are moving $290M in stolen crypto across blockchains, using privacy tools to mask the trail as DeFi contagion ...

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and ...