A critical cross-origin WebSocket hijacking vulnerability (CVSS 9.7) in Cline’s local kanban server, one of the most...
John
John is an independent cybersecurity researcher covering vulnerabilities, malware campaigns, and emerging threats in the cybersecurity landscape.
Mozilla has patched a record-breaking 423 security vulnerabilities in Firefox after deploying an agentic AI pipeline powered...
Days after confirming one of the largest data breaches in education technology history, Instructure is now facing...
A critical ServiceAccount impersonation bypass in Rancher Fleet (CVSS 9.9) allows any tenant with git push access...
A critical, unpatched local privilege escalation (LPE) vulnerability dubbed Dirty Frag has been publicly disclosed, enabling any local attacker...
A high-severity vulnerability (CVE-2026-41139) in the popular mathjs JavaScript library allows remote attackers to execute arbitrary JavaScript...
Kaspersky’s GReAT team has uncovered a sophisticated PyPI supply chain attack attributed with moderate confidence to the...
Redis has disclosed and patched five security vulnerabilities: four rated High (CVSS 7.7) and one rated Medium...
Palo Alto Networks disclosed a critical zero-day vulnerability on May 6, 2026, affecting its PAN-OS software, and...
An uncovered five malicious NuGet packages published under the threat actor account bmrxntfj that typosquat widely used Chinese .NET...