LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
GitHub

Penpot's Official MCP Server

Penpot integrates a LLM layer built on the Model Context Protocol (MCP) via Penpot's Plugin API to interact with a Penpot design file. Penpot's MCP server enables LLMs to perfom data queries, ...
Bleeping Computer

Trend Micro warns of critical Apex One code execution flaws

Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex One is ...
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code ...
Infosecurity-magazine.com

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks. In a report published on ...
Microsoft

Running OpenClaw safely: identity, isolation, and runtime risk

Self-hosted agent runtimes like OpenClaw are showing up fast in enterprise pilots, and they introduce a blunt reality: OpenClaw includes limited built-in security controls. The runtime can ingest ...
Forbes

Mozilla Issues Firefox System Takeover Security Update

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Update Firefox and Thunderbird now. Mozilla has confirmed a security issue affecting all ...
SecurityWeek

Google Patches First Actively Exploited Chrome Zero-Day of 2026

Google released an emergency Chrome update on Friday to patch a zero-day vulnerability that has been exploited in the wild. Chrome 145.0.7632.75/76 for Windows/Mac and 144.0.7559.75 for Linux fix ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
SecurityWeek

Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’

Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution. Apple on Wednesday rolled out fixes for iOS and macOS systems to resolve a zero-day ...
The Hacker News

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, ...