Security

Malicious VS Code AI Extensions With 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have uncovered two malicious Microsoft Visual Studio Code extensions that present themselves as AI-powered coding assistants but secretly collect and exfiltrate developers’ source code to servers based in China. The extensions, which together have reached more than 1.5 million installs and remain available on the official Visual Studio Marketplace, are listed as ChatGPT […]

Critical GNU InetUtils telnetd Vulnerability Allows Login Bypass and Root Access

A severe security vulnerability has been disclosed in the GNU InetUtils telnet daemon (telnetd) that has remained unnoticed for nearly 11 years. The flaw allows remote attackers to bypass authentication and gain root access on affected systems. Vulnerability Overview: The flaw, tracked as CVE-2026-24061, carries a CVSS score of 9.8/10. It impacts all GNU InetUtils versions from 1.9.3 through

Malicious PyPI Package Masquerades as SymPy and Deploys XMRig Miner on Linux Hosts

A newly identified malicious package hosted on the Python Package Index (PyPI) has been caught impersonating the widely used SymPy library to deploy harmful payloads on Linux machines. The campaign highlights the growing risk of supply chain attacks targeting developers through trusted open source repositories. Fake Development Package Targets Python Users: The malicious package, named sympy-dev,

SmarterMail Authentication Bypass Actively Exploited Just Two Days After Patch Release

A newly discovered security vulnerability in SmarterTools SmarterMail email software is being actively exploited in real-world attacks only two days after a fix was released. The rapid exploitation has raised concerns about patch awareness, disclosure practices, and the exposure of email infrastructure to credential takeover and remote code execution. Authentication Bypass Identified and Patched

LastPass Alerts Users About Fake Maintenance Messages Targeting Master Passwords

LastPass has issued a warning about a new phishing campaign designed to steal users’ master passwords by impersonating the popular password management service. How the Phishing Campaign Works: The campaign, active since around January 19, 2026, sends emails claiming upcoming maintenance and urging users to create a local backup of their password vaults within 24 hours. The phishing emails carry subject

VoidLink Linux Malware Framework Created with AI Assistance Hits 88,000 Lines of Code

Cybersecurity researchers have uncovered new details about a highly advanced Linux malware framework known as VoidLink, revealing that the project was likely developed by a single threat actor using artificial intelligence assistance. The findings suggest a major shift in how sophisticated malware can now be created with limited human resources. According to a detailed analysis released

CERT/CC Warns Binary Parser Bug Enables Privilege Level Code Execution in Node.js

The CERT Coordination Center (CERT/CC) has issued a warning about a security vulnerability in the widely used binary-parser npm library that could allow attackers to execute arbitrary JavaScript code under certain conditions. The flaw is tracked as CVE-2026-1245 and affects all versions of binary-parser released before 2.3.0. The issue was fixed on November 26, 2025, and users are strongly advised

North Korea Linked Hackers Target Developers Through Malicious VS Code Projects

Threat actors linked to North Korea’s long-running Contagious Interview campaign have been observed abusing Microsoft Visual Studio Code (VS Code) projects to compromise developer systems and deploy stealthy backdoors. According to Jamf Threat Labs, this activity reflects a continued evolution of a technique first identified in December 2025. The campaign relies on social engineering and developer workflows,

Security Flaw in StealC Malware Panel Allows Researchers to Monitor Threat Actor Operations

Cybersecurity researchers have revealed a cross-site scripting vulnerability in the web-based administration panel used by operators of the StealC information-stealing malware, enabling analysts to observe and collect intelligence on one of the threat actors actively running the operation. CyberArk researcher Ari Novick stated that exploitation of the flaw allowed researchers to collect system fingerprints, track

Critical WordPress Modular DS Plugin Vulnerability Actively Exploited to Gain Admin Access

Security researchers have confirmed active exploitation of a critical vulnerability affecting the Modular DS WordPress plugin, allowing attackers to gain administrator-level access without authentication. The issue has been disclosed by WordPress security firm Patchstack and is already being abused in real-world attacks. The vulnerability is tracked as CVE-2026-23550 and carries a maximum CVSS
