A critical vulnerability in LiteLLM can allow unauthenticated access to protected management routes in some proxy server deployments. The flaw is tracked as CVE-2026-49468 and…
AIRecon is an open-source, AI-powered penetration testing agent that runs with a self-hosted Ollama model, a Kali Linux Docker sandbox, and a terminal-based interface. Its…
Hackers compromised more than 140 Mastra npm packages in a supply chain attack that used a malicious dependency to run malware during installation. The attack…
Anthropic has disabled access to Claude Fable 5 and Claude Mythos 5 after receiving a U.S. government export control directive that bars foreign nationals from…
Eastman Kodak has confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it stole more than 2.2 million customer and corporate records from the…
Fortra has disclosed a critical command injection vulnerability in Core Privileged Access Manager, also known as BoKS, that can let a remote attacker run operating…
CISA has added CVE-2026-35273, a critical Oracle PeopleSoft PeopleTools vulnerability, to its Known Exploited Vulnerabilities catalog after confirmed exploitation in the wild. The flaw affects…
At least 15 malicious JetBrains IDE plugins were found stealing AI provider API keys from developers after appearing on the JetBrains Marketplace as coding assistants,…
ErrTraffic is a growing malware distribution framework that tricks users into running PowerShell commands through fake verification pages that imitate trusted services such as Google…
FishMonger, a China-aligned cyberespionage group, has expanded the SprySOCKS backdoor from Linux to Windows, giving the group a broader toolset for spying on government and…
February 10, 2026
1 comment 
