CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

McMahon wrote that the malware was likely vibe coded, and sloppily at that, leading to the so-called “fork bomb” that crashed ...

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...
Android Authority

New Qualcomm exploit chain brings bootloader unlocking freedom to Android flagships (Updated: Statement)

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

Cloud attacks are getting faster and deadlier - here's your best defense plan

Cloud attacks are getting faster and deadlier - here's your best defense plan ...
The Hacker News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to ...
CoinDesk

Jito Foundation acquires and revives SolanaFloor following shutdown over $27 million exploit

The Jito Foundation announced its acquisition of SolanaFloor, a data platform and news site focused on the Solana blockchain, and plans to relaunch the publication after its recent shutdown.
Bleeping Computer

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.
MacRumors

This iOS Exploit Kit Has 23 Attacks – But Lockdown Mode Stops It Cold

Google's Threat Intelligence Group (GTIG) has a new report out about a powerful iOS exploit kit called "Coruna," which traveled from a surveillance vendor's customer to a Russian espionage group to ...
CoinTelegraph

Google uncovers iOS exploit kit used in crypto phishing attacks

Researchers say fake crypto websites deployed an iOS exploit kit capable of stealing wallet seed phrases and other financial data. Threat researchers at Google say they have uncovered a new exploit ...
InfoQ

AI "Vibe Coding" Threatens Open Source as Maintainers Face Crisis

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...