Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI,...
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Ravie LakshmananApr 28, 2026Cyber Espionage / Vulnerability A Chinese national accused of being a member of the Silk Typhoon hacking...
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Ravie LakshmananApr 28, 2026Vulnerability / Identity Management An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID...
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Ravie LakshmananApr 28, 2026Vulnerability / Threat Intelligence Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting...
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Ravie LakshmananApr 27, 2026 Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed...
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Ravie LakshmananApr 27, 2026Cybersecurity / Hacking Everything is dumb again. This week feels broken in a very familiar way. Old...
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren’t Ready for the Remediation Side
Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI...
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in...
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Ravie LakshmananApr 27, 2026Malware / Software Supply Chain Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code)...
