Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

Google is testing Merkle Tree Certificates in Chrome to enable quantum-resistant HTTPS, reduce TLS handshake data & launch a new root store by 2027.

AI in cybersecurity can improve detection and response, but lean teams must weigh complexity, costs, and measurable outcomes carefully.

SafeLine self-hosted WAF blocks SaaS bot abuse with 99.45% accuracy, cutting fake sign-ups and stabilizing CPU usage.

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and crypto scams.

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Pentagon labels Anthropic a supply chain risk after dispute over mass surveillance and autonomous weapons use.

The U.S. DoJ seized $61 million in Tether tied to pig butchering crypto investment scams, while Tether reports freezing $4.2 ...

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...