CPU-Z and HWMonitor Malware Download: What to Check After the CPUID Compromise
Downloaded CPU-Z or HWMonitor during the CPUID compromise? Check the April 9-10…
TrapDoor Hits npm, PyPI and Crates.io With AI Config Poisoning
TrapDoor spreads malicious packages through npm, PyPI and Crates.io, steals developer secrets,…
Megalodon GitHub Actions Malware
Megalodon injected malicious GitHub Actions workflows into 5,561 repositories. Here is what…
Deno RAT Fake Downloads
Malwarebytes found fake GitHub and SourceForge downloads impersonating ChatGPT, Claude, AutoTune, and…
7-Zip CVE-2026-48095 Fix
CVE-2026-48095 is a 7-Zip NTFS handler heap overflow fixed in 7-Zip 26.01.…
UniFi OS Patch Guide
Ubiquiti patched five UniFi OS vulnerabilities, including three CVSS 10 critical flaws.…
Drupal Core CVE-2026-9082: PostgreSQL SQL Injection Patch
Drupal core CVE-2026-9082 is a highly critical PostgreSQL SQL injection flaw. Check…
Microsoft Word Preview Pane RCE Bugs Put Outlook Users at Risk
Microsoft patched two critical Word RCE bugs where the Preview Pane is…
Fortinet Fixes Critical RCE Flaws in FortiAuthenticator and FortiSandbox
Fortinet patched critical unauthenticated RCE flaws in FortiAuthenticator and FortiSandbox, making exposure…
RubyGems Pauses Signups After Malicious Package Attack
RubyGems disabled new account registration after reports of hundreds of malicious packages,…
Checkmarx Jenkins Plugin Compromise Put CI Secrets at Risk
A rogue Checkmarx AST Scanner Jenkins plugin release put CI/CD source code…
I Am a Professional Hacker Email Scam: Is It Real?
The “I am a professional hacker” email is a sextortion scam. The…
