techENT

Understanding the DarkSword Exploit and How to Secure Your iPhone

A sophisticated software exploit known as DarkSword has recently been made public, and it specifically targets iPhones running older versions of the operating system. While the term 'exploit' might ...
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.
The Hacker News

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

Google developers find that with AI, judgment is more important than JavaScript

Companies like Google are using AI to take over the bulk of coding. This gives developers more decision-making and oversight ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
IEEE

Embedding Representations of Diagnosis Codes for Outlier Payment Detection

Abstract: Models for detecting payment outliers from healthcare claims often rely on sparse, high-dimensional feature vector encodings of diagnosis codes. These encodings tend to lose inherent ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.