]GitLab has released security updates for Community Edition and Enterprise Edition to fix multiple vulnerabilities, including bugs that could let attackers trigger denial of service…
CISA has added a critical Ivanti Endpoint Manager Mobile vulnerability, CVE-2026-1340, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. The flaw affects Ivanti…
Open source developers are facing a new Slack phishing campaign that abuses trust instead of software flaws. Attackers posed as a known Linux Foundation community…
A newly documented malware campaign is targeting organizations in Taiwan with a fake security tool that looks legitimate at first glance. Cisco Talos says the…
STX RAT is a newly identified Windows remote access trojan that combines stealthy remote control with credential theft. Researchers say it gives attackers hidden desktop…
A newly documented macOS malware campaign is using two delivery paths to infect selected victims with a stealer called notnullOSX. Researchers at Moonlock Lab say…
A newly spotted ClickFix campaign is targeting Mac users by opening Apple’s built in Script Editor instead of Terminal. The goal stays the same: trick…
Ordinary fiber optic internet cables can be used to recover speech and other room sounds under the right conditions, according to research presented at NDSS…
A newly disclosed CUPS vulnerability chain can let an unauthenticated remote attacker reach code execution on vulnerable, network-exposed print servers and then escalate that access…
A newly disclosed vulnerability in Apache ActiveMQ Classic can let attackers execute code remotely through the product’s Jolokia management API. The flaw, tracked as CVE-2026-34197,…
November 21, 2025
1 comment 
