Cybersecurity Articles

121/69 Monday, March 2, 2026 Security firm Truffle Security has released new research revealing that nearly 2,863 Google Cloud API keys were embedded in client-side website code and exposed to the public internet. Some of the affected websites were reportedly associated with Google itself. Although these API keys were originally intended only to identify projects […]

120/69 Friday, February 27, 2026 Check Point Research has identified multiple security vulnerabilities in Claude Code, an AI-powered coding assistant developed by Anthropic. The flaws could allow attackers to execute malicious code remotely (Remote Code Execution – RCE) and steal users’ API keys. The issues stem from configuration mechanisms within the tool, including Hooks, Model […]

119/69 Friday, February 27, 2026 The cybercrime group ShinyHunters has published personal data from more than 12.4 million user accounts belonging to CarGurus after a failed extortion attempt. CarGurus is a U.S.-based online automotive marketplace and research platform operating in the United States, Canada, and the United Kingdom. The platform attracts approximately 40 million monthly […]

118/69 Friday, February 27, 2026 Zyxel, a leading network equipment manufacturer, has issued a security advisory regarding a critical vulnerability identified as CVE-2025-13942, which carries a CVSS score of 9.8 out of 10. The flaw allows unauthenticated attackers to execute arbitrary commands remotely, potentially gaining full control of affected devices. The vulnerability impacts more than […]

117/69 Thursday, February 26, 2026 Broadcom has issued a security advisory and released patches to address multiple vulnerabilities in VMware Aria Operations, including a high-severity flaw that could lead to remote code execution. The most critical issue, CVE-2026-22719 (CVSS 8.1), is a Command Injection vulnerability. An unauthenticated attacker could exploit this flaw to execute arbitrary […]

116/69 Thursday, February 26, 2026 SolarWinds has released security updates addressing four critical vulnerabilities in its Serv-U file transfer software, which supports FTP, FTPS, SFTP, and HTTP/S protocols. Serv-U is widely used by organizations to exchange large files both internally and externally. If left unpatched, the vulnerabilities could allow attackers to execute remote code (RCE) […]

115/69 Thursday, February 26, 2026 A recent report from Symantec’s Threat Hunter Team and Carbon Black highlights a concerning shift in tactics by the state-sponsored Lazarus Group. The group, historically known for cyber espionage operations, is increasingly focusing on financial gain by deploying the Medusa ransomware against healthcare and social service organizations worldwide. By collaborating […]

114/69 Wednesday, February 25, 2026 Vikor Scientific (also known as Vanta Diagnostics), a U.S.-based molecular diagnostic testing provider, has reported a data breach to the Department of Health and Human Services (HHS) after discovering that the personal and medical information of 139,964 patients was accessed without authorization. The incident first came to light in November […]

113/69 Wednesday, February 25, 2026 Anthropic has introduced Claude Code Security, an AI-driven security service built on top of its Claude Code platform. The tool is designed to scan source code for security vulnerabilities and provide remediation guidance in the form of suggested patches for development teams to review. The service is currently available as […]

112/69 Wednesday, February 25, 2026 OpenClaw, nicknamed “Nong Kung,” launched in November 2025 as an open-source intelligent AI agent designed to run directly on personal computers. It can automate various tasks, such as connecting to chat applications like WhatsApp or Discord, reading and writing files, managing calendars, and searching for information online. However, the project […]