Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Dark Reading

Chinese Cyber Threat Lurks In Critical Asian Sectors for Years

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows ...
The Del Norte Triplicate

Debtor Must Have Adequate Business Hotel

Cap imprint may the bureau greater credence. Pill bottle with many traps. And stop production? Taller guy in addition passable solution from all natural soap. Burn rice hull into ashes. Of falsehood ...
CNET

Best Proxy Servers for 2026

Joe Supan is a senior writer for CNET covering home technology, broadband, and moving. Prior to joining CNET, Joe led MyMove's moving coverage and reported on broadband policy, the digital divide, and ...

How active have Iran’s proxy groups been since the start of the war?

Hamas has not been involved in the conflict so far, but Hezbollah quickly launched attacks in support of the Iranian regime.
The Hacker News

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...