New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Ravie LakshmananApr 30, 2026Linux / Vulnerability Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that...
researchers
Researchers built a chatbot that only knows the world before 1931
The post Researchers built a chatbot that only knows the world before 1931 appeared first on Malwarebytes. The internet’s chatbots...
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Ravie LakshmananApr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack...
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project...
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
The Hacker NewsApr 29, 2026Artificial Intelligence / Exposure Validation In February 2026, researchers uncovered a shift that completely changed the...
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Ravie LakshmananApr 28, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Ravie LakshmananApr 27, 2026Malware / Software Supply Chain Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code)...
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users...
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's...
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in...
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Ravie LakshmananApr 22, 2026Cloud Security / Software Security Cybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics"...
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating...
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Ravie LakshmananApr 22, 2026Malware / Critical Infrastructure Cybersecurity researchers have discovered a previously undocumented data wiper that has been used...
