Explore

Trendline Trendline
CrowdStrike Report Highlights AI-Driven Cyber Threats in Fintech

CrowdStrike Report Highlights AI-Driven Cyber Threats in Fintech

CrowdStrike Report Highlights AI-Driven Cyber Threats in Fintech
Trendline Trendline
2026 World Cup Security Plans Highlight Cyber Threats and Infrastructure Protection

2026 World Cup Security Plans Highlight Cyber Threats and Infrastructure Protection

2026 World Cup Security Plans Highlight Cyber Threats and Infrastructure Protection
Rapid Read Rapid Read
Anthropic's Claude Code Vulnerability Allows Remote Code Execution via Malicious Deeplinks

Anthropic's Claude Code Vulnerability Allows Remote Code Execution via Malicious Deeplinks

A critical remote code execution (RCE) vulnerability has been identified in Anthropic's Claude Code CLI tool. This flaw allows attackers to execute arbitrary commands on a victim's machine by tricking them into clicking a specially crafted deeplink. The vulnerability was discovered by security researcher Joernchen of 0day.click during a manual audit of Claude Code's source code. The issue was rooted in a naive command-line argument parser that could be exploited through the tool's claude-cli:// deeplink handler. The flaw has been patched in Claude Code version 2.1.118, which now includes context-aware argument parsing to prevent such injection attacks. Users are strongly advised to update to the latest version to mitigate this risk.
Trendline Trendline
Xlaserlab Expands Focus on MOPA Laser Technology to Enhance Smart Production

Xlaserlab Expands Focus on MOPA Laser Technology to Enhance Smart Production

Xlaserlab Expands Focus on MOPA Laser Technology to Enhance Smart Production
Trendline Trendline
Proton Drive Offers Secure Cloud Storage at $1/Month, Enhancing Digital Privacy

Proton Drive Offers Secure Cloud Storage at $1/Month, Enhancing Digital Privacy

Proton Drive Offers Secure Cloud Storage at $1/Month, Enhancing Digital Privacy
Trendline Trendline
INVT Launches New Automation and Energy Solutions at Goa Summit

INVT Launches New Automation and Energy Solutions at Goa Summit

INVT Launches New Automation and Energy Solutions at Goa Summit
Trendline Trendline
CrowdStrike Report Highlights AI-Driven Cyber Threats to Financial Services

CrowdStrike Report Highlights AI-Driven Cyber Threats to Financial Services

CrowdStrike Report Highlights AI-Driven Cyber Threats to Financial Services
Rapid Read Rapid Read
Critical NGINX Vulnerability Patched After 16 Years, Exploit Code Released

Critical NGINX Vulnerability Patched After 16 Years, Exploit Code Released

A critical vulnerability in the NGINX web server, identified as CVE-2026-42945, has been patched by F5 Networks. This vulnerability, which has existed since 2008, was addressed in the latest quarterly patch release. The flaw is a heap buffer overflow in the ngx_http_rewrite_module component, which could be exploited to cause a denial-of-service (DoS) condition or potentially allow remote code execution if Address Space Layout Randomization (ASLR) is disabled. The vulnerability affects NGINX servers using rewrite and set directives, and it involves a two-pass process in the script engine that can lead to buffer overflow. The exploit code for this vulnerability has been made publicly available, raising concerns about potential attacks on unpatched systems.
Rapid Read Rapid Read
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer

China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer

Researchers at Cato Networks' Cyber Threats Research Lab have identified a new malware implant, TencShell, suspected to be linked to a China-based actor. This discovery was made during an investigation into an intrusion attempt on the Indian branch of a global manufacturing company. The attack utilized a complex chain involving a first-stage dropper, Donut shellcode, and a masqueraded web-font resource, aiming to deploy a customized Go-based implant derived from the Rshell C2 framework. This operation highlights the use of adaptable open-source tools for sophisticated intrusions, allowing attackers to blend malicious activities into normal enterprise traffic.
Rapid Read Rapid Read
New Linux Kernel Vulnerability 'Fragnesia' Enables Root Privilege Escalation

New Linux Kernel Vulnerability 'Fragnesia' Enables Root Privilege Escalation

A newly identified vulnerability in the Linux kernel, known as 'Fragnesia' and officially designated as CVE-2026-46300, has been disclosed. This flaw allows local attackers to escalate their privileges to root by exploiting the XFRM ESP-in-TCP subsystem. The vulnerability permits attackers to overwrite critical system files, such as /usr/bin/su and /etc/passwd, potentially compromising system integrity. The issue affects most major Linux distributions, prompting them to begin issuing patches to mitigate the risk. The discovery of this vulnerability highlights ongoing challenges in maintaining secure systems against evolving cyber threats.
Rapid Read Rapid Read
NGINX Vulnerability Exploit Code Released, Poses Security Risks

NGINX Vulnerability Exploit Code Released, Poses Security Risks

Technical details and proof-of-concept (PoC) exploit code for a critical vulnerability in NGINX have been published. The vulnerability, identified as CVE-2026-42945, has a CVSS score of 9.2 and was recently patched by F5. It involves a heap buffer overflow in the ngx_http_rewrite_module component, which can lead to a denial-of-service (DoS) condition or remote code execution (RCE) if Address Space Layout Randomization (ASLR) is disabled. The issue affects NGINX servers using rewrite and set directives, stemming from a two-pass process in the script engine that can result in an undersized buffer allocation. This allows attacker-controlled data to overflow the buffer. The vulnerability was introduced 16 years ago and has now been addressed in NGINX Plus versions 37.0.0, R36 P4, and R32 P6, as well as in NGINX open source versions 1.31.0 and 1.30.1.
Rapid Read Rapid Read
Critical NGINX Vulnerability Exploited: PoC Code Released, Raising Security Concerns

Critical NGINX Vulnerability Exploited: PoC Code Released, Raising Security Concerns

A critical vulnerability in the NGINX web server, identified as CVE-2026-42945, has been disclosed with the release of proof-of-concept (PoC) exploit code. This vulnerability, which has a CVSS score of 9.2, was patched recently by F5 as part of their quarterly update. The flaw is a heap buffer overflow in the ngx_http_rewrite_module, which can lead to a denial-of-service (DoS) condition and potentially remote code execution (RCE) if Address Space Layout Randomization (ASLR) is disabled. The vulnerability affects NGINX servers using rewrite and set directives, and it involves a two-pass process in the script engine that can result in an undersized buffer allocation. This allows attacker-controlled data to overflow the buffer, potentially leading to RCE. F5 has released patches for NGINX Plus and open-source versions to address this issue.