Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.
The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant
OpenClaw (aka Moltbot and Clawdbot) is vulnerable to one-click remote code execution attacks.
The post Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant appeared first on SecurityWeek.
French prosecutors raid X offices, summon Musk over Grok deepfakes
French prosecutors have raided X’s offices in Paris on Tuesday as part of a criminal investigation into the platform’s Grok AI tool, widely used to generate sexually explicit images. […]
Hackers Leak 5.1 Million Panera Bread Accounts
ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chain’s systems.
The post Hackers Leak 5.1 Million Panera Bread Accounts appeared first on SecurityWeek.
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability
The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler.
The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability appeared first on SecurityWeek.
When Cloud Outages Ripple Across the Internet
Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted applications and workflows that many organizations rely on every day.
For consumers, these outages are
For consumers, these outages are
Kasada Raises $20 Million for Anti-Bot Expansion
The company will invest in market expansion and accelerating product capabilities.
The post Kasada Raises $20 Million for Anti-Bot Expansion appeared first on SecurityWeek.
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit.
Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania, three
Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania, three
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features.
“It provides a single place to block current and future generative AI features in Firefox,” Ajit Varma, head of Firefox, said. “You can also review and manage individual AI features if you choose to use them. This
“It provides a single place to block current and future generative AI features in Firefox,” Ajit Varma, head of Firefox, said. “You can also review and manage individual AI features if you choose to use them. This
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++.
The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the open-source editor, according to new findings from Rapid7.
The development comes shortly
The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the open-source editor, according to new findings from Rapid7.
The development comes shortly