2+ hour, 1+ min ago  (558+ words) Git Lab has released emergency security updates for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple Duo AI, denial'of'service, and authorization flaws in recent versions of the platform. On May 27, 2026, Git Lab shipped versions 19. 0. 1, 18. 11. 4, and 18. 10. 7 as security patch…...

6+ hour, 29+ min ago  (382+ words) Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed sequence. Developed by Armur AI, it gives security professionals live, coordinated access to the full…...

15+ hour, 12+ min ago  (556+ words) In late February 2024, a significant cybersecurity breach at Change Healthcare " a major claims-processing clearinghouse that handles approximately one-third of all US medical claims " disrupted operations across the healthcare industry. Founder Vlad Panin of i Frame" (then operating as IFORELS) addressed…...

14+ hour, 32+ min ago  (331+ words) Google has officially moved Device Bound Session Credentials (DBSC) to general availability in the Chrome browser on Windows, delivering a powerful defense against one of the most persistent threats in modern cybersecurity session cookie theft. Session cookies are small files…...

14+ hour, 52+ min ago  (412+ words) GREYVIBE hackers are increasingly leveraging generative AI tools such as Chat GPT and Google Gemini to enhance cyberattack operations. The campaign, active since at least August 2025, primarily targets Ukraine and related entities across the government, military, and civilian sectors, highlighting…...

15+ hour, 39+ min ago  (445+ words) Palo Alto Networks authentication bypass vulnerability, CVE-2026-0257, affecting PAN-OS and Prisma Access, is now being actively exploited in the wild, with CISA adding it to the Known Exploited Vulnerabilities (KEV) catalog on May 29, 2026. Palo Alto Networks published its security advisory…...

1+ day, 2+ hour ago  (673+ words) A new threat actor tracked as JINX-0164 has been running calculated attacks against cryptocurrency organizations, using Linked In profiles to lure developers into downloading custom mac OS malware. Active since at least mid-2025, the group has combined social engineering, credential theft,…...

1+ day, 2+ hour ago  (611+ words) A wave of sophisticated supply chain attacks has put millions of software developers on high alert, with threat actors turning everyday developer tools into weapons for stealing credentials, cloud tokens, and source code. What makes these campaigns especially alarming is…...

1+ day, 3+ hour ago  (326+ words) A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting Chat GPT's page summarization feature, rendering attacker-controlled links, fake security alerts, and QR codes directly inside the trusted Chat GPT interface. Chat GPhish…...

1+ day, 2+ hour ago  (674+ words) A newly analyzed ransomware strain called The Gentlemen is raising serious alarms across the cybersecurity community. Built in the Go programming language and obfuscated with a tool called Garble, it combines powerful per-file encryption with an aggressive ability to spread…...