News

The State of Ransomware in Enterprise 2025

Bys s January 14, 2026

Categories: Products & Services

Tags: Ransomware, Enterprise, Solutions, The State of Ransomware

News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Bys s April 30, 2026

Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,”

Read More Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
News

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
Bys s October 14, 2025

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users’ knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University…

Read More New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
News

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Bys s May 12, 2026

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria. “TrickMo relies on a runtime-loaded APK (dex.module),

Read More New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
News

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
By December 24, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that

Read More CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
News

‘Trickery and f…ery’: Agency under fire over senior manager’s ‘serious’ privacy breach
Bys s November 28, 2025

Paul Penfold reports a failure-to-use-bcc field breach that exposed extremely sensitive data: A government agency whose job is to support abuse survivors is accused of instead causing harm by accidentally exposing the identities of more than 30 Lake Alice torture survivors in a botched email. Former staff say they repeatedly warned the Crown Response Office……

Read More ‘Trickery and f…ery’: Agency under fire over senior manager’s ‘serious’ privacy breach
News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
Bys s February 2, 2026

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue, which is tracked as CVE-2026-25253 (CVSS score: 8.8), has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a…

Read More OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

Similar Posts