Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users' sensitive medical information.

The Conductor extension now can generate post-implementation code quality and compliance reports based on developer specifications.

As Chief Information Security Officers (CISOs) and security leaders, you are tasked with safeguarding your organization in an ...

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.

CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and 5.0.0–5.0.10.

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.

OpenClaw has patched six new vulnerabilities in its popular agentic AI assistant, covering server-side request forgery (SSRF) ...

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard configuration — data that OpenAI and Google have not published for their own ...

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...

VS Code Snap package bug on Linux keeps deleted files, clogging hard drives Snap creates separate local Trash folders per version, compounding storage issues No fix yet; users advised to install VS ...