Thousands of Notion users are at risk after researchers revealed that public pages leak editors’ personal information—including emails and profile photos—without authentication. Here’s what you need to know.
A hidden flaw in Anthropic’s MCP lets attackers hijack AI supply chains. Despite warnings, the vulnerability remains—putting millions of systems at risk.
A critical Marimo Python notebook flaw was exploited within hours of disclosure, with attackers harvesting sensitive credentials via an unauthenticated WebSocket endpoint. Urgent patching is now essential.
A recently discovered flaw in Docker Engine let attackers bypass security checks by exploiting how request bodies are handled. The vulnerability, affecting versions before 29.3.1, put systems using AuthZ plugins at risk. Immediate patching is advised.
Anthropic’s Claude Code AI assistant suffered a major security lapse, allowing hackers to bypass user-defined protections by exploiting a hidden parser limit. Here’s how the flaw exposed sensitive data and what developers should do now.
A logic error in Open VSX’s extension scanning nearly let malicious extensions go live undetected. Here’s how the bug worked, how it was fixed, and what it means for software supply chain security.
A subtle software bug in Open VSX’s security pipeline let malicious VS Code extensions bypass pre-publish scans—no hacking required. Here’s how attackers exploited the flaw, and how it was finally closed.
A new vulnerability in Oracle’s software ecosystem threatens critical business data across the globe. Here’s what you need to know—and how to stay protected.
A newly discovered flaw in AdGuard Home let attackers bypass login protections using a crafty HTTP/2 Cleartext upgrade, forcing an urgent security response. Learn how this happened and how to protect your network.
A hidden flaw in DuckDuckGo’s Android browser AutoConsent JS bridge enabled attackers to execute malicious code across websites without user interaction. This investigative feature reveals how the vulnerability worked, its dangers, and what users need to do to stay safe.