CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

McMahon wrote that the malware was likely vibe coded, and sloppily at that, leading to the so-called “fork bomb” that crashed ...

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...
Android Authority

New Qualcomm exploit chain brings bootloader unlocking freedom to Android flagships (Updated: Statement)

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

Cloud attacks are getting faster and deadlier - here's your best defense plan

Cloud attacks are getting faster and deadlier - here's your best defense plan ...
The Hacker News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to ...
9to5Mac

Apple confirms today’s iOS and iPadOS updates for older devices address the Coruna exploit

Apple has detailed the security content for iOS 16.7.15, iOS 15.8.7, iPadOS 16.7.15, and iPadOS 15.8.7, confirming that the updates address the Coruna vulnerability disclosed last week by Google and ...
MacRumors

This iOS Exploit Kit Has 23 Attacks – But Lockdown Mode Stops It Cold

Google's Threat Intelligence Group (GTIG) has a new report out about a powerful iOS exploit kit called "Coruna," which traveled from a surveillance vendor's customer to a Russian espionage group to ...
9to5Mac

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google’s Threat Intelligence Group and security company iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones running older iOS versions. Here ...
Computer Weekly

PromptSpy Android malware may exploit Gemini AI

An Android-specific malware targeting mobile device takeover appears to use generative AI (GenAI) services in its execution flows to maintain persistence on the victim’s smartphone, researchers at ...
Fox News

Ukraine makes fastest gains in years as Russia talks stall, exploiting cracks in Kremlin command

As U.S.-backed negotiations between Russia and Ukraine in Geneva ended without a breakthrough, Kyiv made gains on the battlefield, recapturing territory at its fastest pace in years through localized ...