AI agents have learned to discover and exploit vulnerabilities in smart contracts at a level that now carries direct financial consequences: in a new study by MATS and Anthropic Fellows, the models independently devised...
Developers and administrators worldwide are scrambling to update their servers after the disclosure of a critical vulnerability in React Server — a flaw that enables unauthenticated remote code execution through a single crafted HTTP...
Two Android vulnerabilities were actively exploited as zero-days before patches became available, according to Google’s December Android Security Bulletin. Both flaws affect the Framework component and enable data access and privilege escalation, making it...
The Glassworm campaign targeting popular Visual Studio Code extensions has entered yet another phase — researchers are now documenting a third wave of malicious uploads to the OpenVSX repository and the Microsoft Visual Studio...
In the third quarter of 2025, Beazley Security Labs recorded a sharp surge in the activity of major ransomware groups and the emergence of new delivery mechanisms for infostealers. The primary cybercriminal campaigns centered...
Cyberattacks on decentralized finance projects strike DAOs far harder than the value of stolen assets suggests. A new study reveals that the primary damage is not direct losses, but the collapse in the value...
One of the most popular unofficial YouTube clients for Android TV has been compromised — a malicious build infiltrated the SmartTube application, signed with the developer’s stolen keys. The incident has raised serious concerns...
The Dutch authorities have released new data indicating that adolescents’ involvement in digital wrongdoing is typically fleeting. An analysis prepared for the House of Representatives reveals that early enthusiasm for hacking usually fades by...
Europol, in cooperation with international partners, has dismantled the cryptocurrency mixer Cryptomixer and seized the equivalent of €25 million in Bitcoin. The service, which had been operating since 2016 and helping criminals obscure the...
For the PostHog team, developers of an open-source analytics platform, the recent npm-based attack has become the most serious security incident in the project’s history. The root of the breach was a malicious release...
Digital calendars have long been a convenient way to stay organized amid daily routines, yet new research from Bitsight reveals that this familiar tool can be transformed into a fully fledged attack vector. Bitsight...
The American manufacturer of aerospace and defense components ADC Aerospace has come under scrutiny following a potential cyberattack: a post on the underground leak site operated by the ransomware group Play claims that corporate...
