Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading ...
Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. Researchers identified what they ...
Nextcloud CEO: Open source moves from 'a nerdy audience' to the geopolitical stage Frank Karlitschek, head of the German software vendor, talked about the company’s decision to help develop the ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
AI-powered threat intelligence system combining malware behavioral analysis with LLM-generated cybersecurity recommendations for SharePoint and Citrix exploitation campaigns - OliverSkoczylas/threa ...
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice A new CISA directive moves federal agencies beyond severity scores and toward a risk-based patching model ...