27+ min ago  (326+ words) A critical security vulnerability has been discovered in Gogs, a widely used open'source self'hosted Git service, that could allow attackers to silently overwrite Git Large File Storage (LFS) objects across repositories. The flaw, tracked as CVE-2026-25921, carries a CVSS v3.1 score…...

2+ hour, 22+ min ago  (294+ words) A critical security flaw in ExifTool is putting macOS users at risk by allowing malicious image files to trigger code execution during routine metadata processing. Because it supports a huge number of file formats, it is often built into digital…...

1+ hour, 2+ min ago  (1295+ words) The cybersecurity landscape has shifted dramatically, and traditional spam filters are no longer enough to protect sensitive enterprise data. As we navigate through 2026, threat actors are leveraging sophisticated AI-powered exploits to bypass standard security protocols, craft hyper-realistic deepfake audio messages,…...

4+ hour, 35+ min ago  (379+ words) A newly identified Linux malware called ClipXDaemon is targeting cryptocurrency users by hijacking copied wallet addresses in X11 sessions. According to Cyble Research and Intelligence Labs, the malware was spotted in early February 2026 and later detailed on March 5, 2026. Its goal is…...

3+ hour, 25+ min ago  (474+ words) OpenAI has announced plans to acquire Promptfoo, an AI security testing platform designed to identify and fix vulnerabilities in large language model (LLM) applications. The move aims to strengthen security testing capabilities within OpenAI's enterprise platform, OpenAI Frontier, as organizations increasingly…...

6+ hour, 3+ min ago  (350+ words) Security researchers say the Pakistan-linked threat group Transparent Tribe, also tracked as APT36, is showing a new malware development pattern built around AI-assisted code generation. The shift is not producing highly advanced malware. However, it is helping the group create large…...

21+ hour, 1+ min ago  (305+ words) A Chinese-linked cyber-espionage group tracked as CL-UNK-1068 has been conducting stealthy attacks on critical infrastructure across South, Southeast, and East Asia since at least 2020. Experts believe the group's main goal is espionage, collecting sensitive data from strategic targets, though some…...

22+ hour, 9+ min ago  (326+ words) Apache ZooKeeper, a widely used centralized service for maintaining configuration data and synchronization in distributed systems, has received critical security patches addressing two high-impact flaws that could lead to sensitive data exposure and potential server impersonation attacks. Due to inadequate…...

23+ hour, 5+ min ago  (314+ words) A critical vulnerability has been uncovered in ZITADEL, the open'source identity and access management (IAM) platform widely used by enterprises for secure authentication workflows. The flaw, tracked as CVE'2026'29191, allows unauthenticated remote attackers to execute arbitrary JavaScript code directly inside…...

23+ hour, 47+ min ago  (351+ words) The extension, named "lm'oken Chromophore," disguises itself as a harmless color visualization tool but secretly redirects victims to phishing pages that capture sensitive wallet information such as seed phrases and private keys. The malicious extension, identified by the extension, was…...