A critical-severity remote code execution (RCE) vulnerability tracked as CVE-2026-41242 and GHSA-xq3m-2v4x-88gg has been disclosed in protobuf.js,...
John
John is an independent cybersecurity researcher covering vulnerabilities, malware campaigns, and emerging threats in the cybersecurity landscape.
Threat actors are actively weaponizing three leaked Windows Defender privilege escalation zero-days, BlueHammer, RedSun, and UnDefend, with...
A critical unauthenticated arbitrary file upload vulnerability, CVE-2026-0740, is actively being exploited in the wild, putting approximately...
TBK DVR-4104 and DVR-4216 devices are under active exploitation by a Mirai-based botnet called Nexcorium, targeting an...
Attackers are actively scanning for CVE-2023-33538 on legacy TP-Link Wi-Fi routers and deploying Mirai-variant malware via automated...
Anthropic’s latest AI model ships with first-of-its-kind automated cybersecurity guardrails, a new Cyber Verification Program for security...
A sophisticated identity-based attack targeting a public sector organization in 2025 has revealed critical gaps in traditional...
OpenAI has officially scaled its Trusted Access for Cyber (TAC) program, releasing GPT-5.4-Cyber, a fine-tuned AI model...
A high-severity vulnerability, CVE-2026-22734 that allows unauthenticated attackers to bypass authentication entirely and obtain valid tokens for...
A sophisticated, previously undocumented botnet campaign dubbed “PowMix” has been actively targeting employees across the Czech Republic since at...
