Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Any development environment that installed or imported one of the 172 compromised npm or PyPI packages published since May 11 should be treated as potentially compromised. On affected developer ...

On April 29, 2026, security researchers at Theori and Xint Code publicly disclosed CVE-2026-31431, a Linux kernel privilege escalation vulnerability they named Copy Fail. Any unprivileged local user ...

IT researchers have discovered a vulnerability in the Linux kernel that attackers can exploit to gain root privileges. The discoverers have named the vulnerability “Copy Fail.” Virtually all Linux ...

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...

All Linux kernels released after 2017 are vulnerable to critical privilege escalation bugs. A tiny 732-byte exploit grants root privileges across all major Linux distributions, with containerized ...

The Python SDK for OpenZiti is a library that enables you to integrate zero trust network connectivity into your Python applications, and establish secure connections with remote network resources ...

A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them into a self-propagating cryptomining botnet. Developed by Anyscale, the Ray ...

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...