Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
CyberGuy

Anthropic’s Mythos AI just changed cybersecurity forever

Anthropic’s Mythos AI found 2,000 flaws in weeks, raising fears of faster cyberattacks and new risks to your personal data.
CoinDesk

The Protocol: Kelp DAO exploited for $292 million

Crypto bridge hacks like the $292 million Kelp DAO exploit keep happening because bridges rely on trusted intermediaries and ...

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says ...

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
Dark Reading

'The Gentlemen' Rapidly Rises to Ransomware Prominence

Not nearly as polite as the name suggests, the ransomware gang has impressed researchers with its speed in scaling up ...

Apple TV Made Hard Sci-Fi Essential Again With This Modern Masterpiece

Ahead of Season 3, this hard sci-fi masterpiece is revitalizing the genre, with an intricate dystopia, compelling characters, ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.