AI browsers can be hijacked through prompt injection, turning assistants into insider threats. Learn how these exploits work ...

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

Researchers disclose rapid exploit chain that let attackers run code via a single malicious web page Security issues continue ...

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed ...

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

Regional APT Threat Situation In December 2025, the global threat hunting system of Fuying Lab detected a total of 24 APT attack activities. These activities were primarily concentrated in regions ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Nvidia has rolled out a new software security update for its GPU display driver, which takes care of three vulnerabilities, labelled as “high” severity.

The Indian government has issued a high-risk cybersecurity alert for Apple and Google Chrome users, urging immediate software updates to prevent hacking, data theft, and remote system attacks.