The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app’s members. […]
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google’s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers’ computers using allowlisted programs. […]
Endgame Gear mouse config tool infected users with malware
Gaming peripherals maker Endgame Gear is warning that malware was hidden in its configuration tool for the OP1w 4k v2 mouse hosted on the official website between June 26 and July 9, 2025. […]
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data. […]
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry.
The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In addition, 73 repositories
The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In addition, 73 repositories
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). […]
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. […]
Microsoft will stop supporting Windows 11 22H2 in October
Microsoft has reminded customers today that the last supported editions of Windows 11 22H2 will reach their end of servicing on October 14. […]
OpenAI prepares GPT-5 for roll out
OpenAI’s ChatGPT-5 could drop in the coming days, and it could be one of the best models from the Microsoft-backed startup. […]
France’s warship builder Naval Group investigates 1TB data breach
France’s state-owned defense firm Naval Group is investigating a cyberattack after 1TB of allegedly stolen data was leaked on a hacking forum. […]