Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

Major vendor patches: Cisco addressed five high-severity vulnerabilities in products including Unity Connection, SG switches, and IoT Field Network Director, with no workarounds available. Active ...

Local privilege escalation on Linux kernels from 4.11 up to (but not including) the patched 6.18 releases. The bug lives in the kernel's AF_ALG socket interface—specifically how authencesn handles ...

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...

Palo Alto Networks warns that its widely deployed firewalls are under attack with hackers exploiting a critical zero-day vulnerability. Unauthenticated attackers can achieve remote code execution with ...

Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerability in question is ...

Abstract: Malicious document files used in targeted attacks often contain a small program called shellcode. It is often hard to prepare a runnable environment for dynamic analysis of these document ...

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an ...

AI can now transform published vulnerabilities into working exploits faster than security teams can assess the threat. Your PlayStation, Netflix streams, and WhatsApp messages all depend on FreeBSD’s ...

The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. Palo Alto Networks has shared some information on the exploitation of the recently ...