Ethereum gossipsub vulnerability CVE-2026-34219 lets any unauthenticated peer crash a validator with a single crafted PRUNE ...
An exposed WP-SHELLSTORM server revealed tools, logs, cloud credentials, and thousands of webshells used in a large website ...
In other news, a DHS database was hacked, Adobe is releasing patches twice a month, and Canada has disrupted ransomware operations.
New Helix extortion group steals SharePoint data after compromising Microsoft 365 accounts through voice phishing and MFA abuse.
It is legal for passengers to drink alcohol on a boat in Florida, but illegal for the operator to be under the influence.
A Burmese python population has emerged in Southwest Florida, raising fresh concerns about the invasive predator's spread.
A Burmese python population has emerged in Southwest Florida, raising fresh concerns about the invasive predator's spread.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.