Google has released a major security update for Google Chrome to address 21 vulnerabilities, including a dangerous zero-day flaw identified as CVE-2026-5281 that is already being actively exploited. This vulnerability is a use-after-free bug found…

A critical vulnerability in the Claude Chrome Extension from Anthropic allowed attackers to inject malicious prompts without any user interaction. This flaw, known as ShadowPrompt, made it possible for a victim to be compromised simply…

The Federal Communications Commission (FCC) has announced a ban on new foreign-made consumer routers, citing serious cybersecurity and supply chain risks. This decision prevents newly manufactured routers from overseas vendors from being marketed or sold…

The LeakNet ransomware group has adopted a new attack method using ClickFix, a social engineering technique delivered through compromised websites. Instead of relying on stolen credentials, attackers trick users into running malicious commands—such as msiexec.exe—via…

A serious security flaw has been discovered in Ubuntu Desktop versions 24.04 and later, allowing attackers to gain root access. Tracked as CVE-2026-3888 with a CVSS score of 7.8, this vulnerability is considered high risk…

Security authorities in China have issued a warning about serious vulnerabilities in OpenClaw AI agent, an open-source and self-hosted autonomous artificial intelligence platform formerly known as Clawdbot and Moltbot. The China National Computer Network Emergency…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed VMware Aria Operations vulnerability (CVE-2026-22719) to its Known Exploited Vulnerabilities (KEV) catalog after reports of active exploitation in the wild. The flaw…

Cybersecurity researchers have discovered malicious Laravel packages on Packagist that secretly install a Remote Access Trojan (RAT) capable of infecting Windows, macOS, and Linux systems. These packages appear to be helpful Laravel utilities but are…

Researchers have discovered that the threat actor behind a recent AI-assisted cyberattack targeting Fortinet FortiGate appliances used an open-source offensive security platform called CyberStrikeAI. According to Team Cymru, the attacker conducted automated mass scanning using…

Security researchers have uncovered multiple high-risk vulnerabilities in Claude Code, the AI-powered coding assistant from Anthropic. The flaws could allow attackers to achieve remote code execution (RCE) and steal API credentials when developers open untrusted…