Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support

NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive ...

Microsoft Teams right-click paste broken by Edge update bug

Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...

Grinex exchange blames "Western intelligence" for $13.7M crypto hack

Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed ...

Operation PowerOFF identifies 75k DDoS users, takes down 53 domains

The latest wave of "Operation PowerOFF," on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and ...

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest

Microsoft has awarded $2.3 million to security researchers after receiving nearly 700 submissions during this year's Zero Day ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...

WordPress plugin suite hacked to push malware to thousands of sites

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...

Google expands Gemini AI use to fight malicious ads on its platform

Google says it is increasingly using its Gemini AI models to detect and block harmful ads on its advertising platforms, as scammers and threat actors continue to evolve their tactics to evade ...