CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

Drift Protocol said with “medium-high confidence” that the recent attack was carried out by the same actors responsible for the $58 million Radiant Capital hack in October 2024. Drift Protocol, the ...

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...

Solana-based perpetual futures exchange Drift Protocol fell victim to a large-scale security breach on April 1, 2026. On-chain monitoring firms reported that attackers siphoned roughly $285 million in ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch deadline. Attackers have exploited a critical Langflow RCE within hours of ...

Cloud computing has become an invaluable asset for businesses of all sizes in recent years. The ability to make data and applications accessible from anywhere enables them to implement modern policies ...