Security News

114 posts

/nginx-ui-mcpwn-cve-2026-33032/featured-image.png
Nginx-UI MCPwn (CVE-2026-33032): Full Server Takeover With One Unauthenticated Request

April 16, 2026

A critical vulnerability in nginx-ui has been actively exploited since March 2026, and it gives any attacker on the network full control over the nginx server …

/php-composer-command-injection-cve-2026-40261/featured-image.png
PHP Composer Command Injection CVE-2026-40261

April 15, 2026

PHP Composer Has Two Flaws That Run Arbitrary Commands on Developer Machines PHP Composer, the package manager that almost every PHP developer uses to build …

/msbuild-lolbin-fileless-attack/featured-image.png
MSBuild LOLBin: How Hackers Run Malware on Windows Without Leaving a Trace

April 14, 2026

MSBuild.exe is a LOLBin, a legitimate Windows tool being abused to run malware on fully patched machines without dropping a single file on disk, and Windows …

/docker-authorization-bypass-cve-2026-34040/featured-image.png
Docker Had a 10-Year Security Bypass Hidden in Plain Sight

April 12, 2026

Docker’s Security Layer Has Been Broken Since 2016, And The Fix Doesn’t Finish the Job. One padded HTTP request. That is all it takes to silently …

/desckvb-rat-fileless-malware-2026/featured-image.png
DesckVB RAT Uses Windows' Own Tools to Stay Hidden and Leaves Almost Nothing Behind

April 11, 2026

A Remote Access Trojan called DesckVB has been actively hitting systems throughout 2026, running almost entirely inside memory with barely anything written to …

/bluehammer-windows-defender-zero-day/featured-image.png
Windows Defender Is Being Used to Hack Windows

April 10, 2026

Windows Defender, the built-in antivirus running on every Windows machine, has a zero-day exploit with full source code sitting on GitHub. No patch, no CVE, and …

/fiber-optic-eavesdropping/featured-image.png
Fiber Optic Cables Turned Into Hidden Microphones

April 9, 2026

Fiber optic cables running through your walls can be turned into hidden microphones that record every word spoken in the room. This is not a theory anymore. …

/gpubreach-attack-nvidia-gpu/featured-image.png
GPUBreach Attack Gives Hackers a Root Shell on NVIDIA GPUs

April 8, 2026

NVIDIA GPUs with GDDR6 memory can be used to take full control of a system, including a root shell, bypassing hardware defenses that were supposed to stop …

/axios-npm-supply-chain-attack/featured-image.png
Axios npm Supply Chain Attack: How a Fake Meeting Compromised 100 Million Downloads

April 4, 2026

Axios, the JavaScript library with over 100 million weekly downloads, was compromised on March 31st. For roughly three hours, every fresh install of those two …

/nginx-hijacking-no-malware/featured-image.png
Hackers Are Hijacking NGINX Servers Without Installing Malware

February 5, 2026

Hackers are hijacking NGINX web servers and rerouting live traffic through their own infrastructure. No malware installed, no vulnerability exploited. Just a …

/ntlm-finally-disabled/featured-image.png
Why It Took Microsoft 32 Years to Disable NTLM

February 4, 2026

32 years. That is how long it took Microsoft to disable NTLM, the protocol that handles Windows login authentication. A broken system linked to $10 billion in …

/escan-antivirus-breach-2026-technical-analysis/featured-image.png
How eScan Antivirus Delivered Malware Instead of Protection

February 3, 2026

eScan antivirus got hacked. Again. Same company, same update infrastructure exploited, two years apart. This time: hundreds of machines infected in a 2-hour …

/notepad-plus-plus-supply-chain-attack/featured-image.png
Notepad++ Supply Chain Attack Full Story

February 2, 2026

Notepad++ delivered malware for six months. From June to December 2025, the update system was compromised. Millions of people use this software. Some of them …

/moltbook-database-breach-exposed-ai-agents/featured-image.png
How the Moltbook Database Breach Exposed 770,000 AI Agents

February 1, 2026

How the Moltbook Database Breach Exposed 770,000 AI Agents Moltbook, the social network exclusively for AI agents, had its entire database wide open. 770,000 …

/openclaw-moltbot-clawdbot-security-nightmare/featured-image.png
Three Names in Four Days and 1,800 Servers Leaking Credentials

January 31, 2026

Three names in four days! This AI assistant was Clawdbot, then Moltbot, and now OpenClaw. 1,800 exposed instances leaking API keys, passwords, and private …

/ollama-175000-servers-exposed/featured-image.png
Ollama Security Failure Exposes 175,000 AI Servers to Attackers

January 30, 2026

175,000 AI servers wide open to the internet. 130 countries. Attackers are selling access to other people’s hardware at a 50% discount, and using it for …

/openssl-12-cves-ai-january-2026/featured-image.png
AI Finds 12 OpenSSL Vulnerabilities Including a 27-Year-Old Bug

January 29, 2026

An AI just found 12 zero-day vulnerabilities in OpenSSL. All 12. In a single release. One of those bugs is older than OpenSSL itself, sitting in the code since …

/windows-one-update-ten-problems/featured-image.png
One Windows Update, Ten Problems, Two Emergency Patches

January 28, 2026

Microsoft pushed one security update. It broke at least 10 different things. 114 security fixes. Two emergency patches. PCs that won’t boot. Outlook that …

/office-zero-day-cve-2026-21509/featured-image.png
Office Zero-Day Actively Exploited - CVE-2026-21509

January 27, 2026

Microsoft Office zero-day actively exploited. Every version from 2016 to 365, including LTSC 2021 and 2024, over 400 million users. Attackers bypass all the …

/maliciouscorgi-vscode-extensions/featured-image.png
MaliciousCorgi: The VSCode Attack Hiding in Plain Sight - 1.5 Million Installs Affected

January 25, 2026

Two VSCode extensions with 1.5 million installs are stealing source code right now, not last month. Researchers published their findings on January 22. Three …

/telnetd-root-exploit-cve-2026-24061/featured-image.png
CVE-2026-24061. One Command, Root Access: The 11-Year Telnet Bug

January 24, 2026

It’s 2026 and attackers are still getting root shells via Telnet with a single command that requires no password whatsoever. 😏 SSH has existed for 31 …

/snap-store-domain-hijacking/featured-image.png
Snap Store Domain Hijacking Lets Attackers Push Malware Through Trusted Linux Apps

January 23, 2026

Attackers found a way to hijack legitimate apps in the Snap Store. 7000 packages. Millions of Linux users. One victim already lost 9 Bitcoin. That was $490,000. …

/sympy-dev-malware/featured-image.png
Fake SymPy Package Deploys Fileless Cryptominer on Linux Systems

January 22, 2026

A fake SymPy package deploys XMRig cryptominers on Linux machines. The malware hides inside polynomial functions. It only activates when you do math. Over 1,000 …

/voidlink-ai-malware/featured-image.png
VoidLink: 88,000 Lines of AI-Built Malware in 6 Days

January 21, 2026

One developer just built 88,000 lines of advanced malware in six days using AI. A single person with an AI coding assistant created a framework sophisticated …

/cracking-windows-domain-admin-passwords-rainbow-tables/featured-image.png
Cracking Windows Domain Admin Passwords Just Got Simple

January 20, 2026

Cracking Windows domain admin passwords just got simple. A massive set of rainbow tables just went public, a $600 laptop is enough, and it takes 12 hours max. …

/ghostposter-malware-browser-extension-png-steganography/featured-image.png
GhostPoster Malware: How Browser Extensions Hide JavaScript in PNG Icons

January 19, 2026

Your browser extension logo just became malware. Not the code. The actual image file. A PNG icon sitting in your toolbar, looking normal, hiding JavaScript that …

/gootloader-zip-evasion-2026/featured-image.png
GootLoader Tricks Security Tools Into Seeing a Safe File While Windows Runs Malware

January 18, 2026

GootLoader is back. This week, researchers discovered their newest trick: a way to make security tools completely blind. Your antivirus scans the ZIP file. …

/aws-supply-chain-vulnerability/featured-image.png
Two Missing Characters Nearly Compromised the AWS Supply Chain

January 17, 2026

Netflix. Twitch. iCloud. The servers of the CIA and NSA. 30% of all cloud infrastructure worldwide runs on Amazon Web Services. Two missing characters in a …

/pixel-9-zero-click-exploit/featured-image.png
Pixel 9 Zero-Click Exploit: How a Single Audio Message Can Compromise Your Phone

January 16, 2026

Someone sends you an audio message. You don’t open it, you don’t play it, you don’t even look at your phone. And you’re already hacked. …

/microsoft-copilot-reprompt-data-theft-one-click/featured-image.png
Microsoft Patches Copilot Vulnerability That Leaked Data with One Click

January 15, 2026

January 13, 2026. Microsoft patches a vulnerability in Copilot that let attackers steal personal data with a single click. The security bypass that worked for …