News
-
Fake Python Spellchecker Packages on PyPI Spread Hidden RAT Malware
Read more: Fake Python Spellchecker Packages on PyPI Spread Hidden RAT MalwareSecurity researchers have uncovered malicious Python packages on PyPI that pretended to be simple spellchecker tools but secretly delivered a remote access trojan (RAT). The packages, spellcheckerpy and spellcheckpy, were downloaded over 1,000 times before…
-
Fake VS Code AI Extension Used to Deploy Malware via Moltbot Name
Read more: Fake VS Code AI Extension Used to Deploy Malware via Moltbot NameSecurity researchers have discovered a malicious Visual Studio Code extension that impersonated Moltbot (formerly Clawdbot) and claimed to be a free AI coding assistant. The extension was published on the official VS Code Marketplace before…
-
Google Gemini Security Issue Enabled Silent Access to Private Calendar Events
Read more: Google Gemini Security Issue Enabled Silent Access to Private Calendar EventsSecurity researchers have uncovered a Google Gemini prompt injection vulnerability that allowed attackers to access private Google Calendar data using malicious calendar invites. The flaw abused indirect prompt injection, bypassing authorization controls without direct user…
-
LastPass Phishing Scams Resurface, Users Urged to Stay Alert
Read more: LastPass Phishing Scams Resurface, Users Urged to Stay AlertLastPass is warning users about a renewed phishing campaign impersonating the official LastPass service. The attack aims to steal users’ master passwords by sending fake emails that claim an upcoming system maintenance and urge recipients…
-
Fortinet Patches Critical FortiSIEM Vulnerability Allowing Remote Code Execution
Read more: Fortinet Patches Critical FortiSIEM Vulnerability Allowing Remote Code ExecutionFortinet has released security updates to fix a critical vulnerability in FortiSIEM that could allow an attacker to execute code remotely without authentication. The flaw is tracked as CVE-2025-64155 and has a CVSS score of…
-
Advanced VoidLink Linux Malware Targets Cloud and Container Environments
Read more: Advanced VoidLink Linux Malware Targets Cloud and Container EnvironmentsCybersecurity researchers have uncovered a new and highly advanced Linux malware framework called VoidLink, designed specifically to operate in cloud and container environments. First discovered in December 2025, this malware is considered a serious threat…
-
Trend Micro Releases Security Updates to Fix Critical Apex Central Windows Flaws
Read more: Trend Micro Releases Security Updates to Fix Critical Apex Central Windows FlawsTrend Micro has released security updates to address several serious vulnerabilities affecting on-premise versions of Apex Central for Windows. One of these flaws is classified as critical because it could allow attackers to execute malicious…
-
CISA Warns of Actively Exploited Security Flaws in Microsoft Office and HPE OneView
Read more: CISA Warns of Actively Exploited Security Flaws in Microsoft Office and HPE OneViewThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new security warning after adding two vulnerabilities affecting Microsoft Office and HPE OneView to its Known Exploited Vulnerabilities (KEV) catalog. This means the flaws…
-
5 Critical Threats That Shaped Web Security in 2025
Read more: 5 Critical Threats That Shaped Web Security in 2025As 2025 comes to an end, security professionals are realizing that traditional web security defenses are no longer enough. Artificial intelligence, advanced injection techniques, and supply chain compromises have forced organizations to rethink how they…
-
Cisco Updates 350-401 ENCOR Syllabus: What’s New in the Enterprise Core Exam
Read more: Cisco Updates 350-401 ENCOR Syllabus: What’s New in the Enterprise Core ExamCisco has updated the 350-401 ENCOR exam syllabus, which is the core exam for CCNP Enterprise and CCIE Enterprise certifications. The update aims to align the exam with real-world enterprise networking requirements. The Implementing Cisco…