Latest News
A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that's capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. "The current wave of campaigns is driven by two factors: the mass reuse of AI-generated server deployment examples that propagate common
MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.
Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S. subscribers of Claude Pro and Max plans can opt to give Claude secure access to their lab results and health records by connecting to
A list of topics we covered in the week of January 5 to January 11 of 2026
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment
This week on the Lock and Code podcast, we speak with Cory Doctor about enshittification and its dangerous impact online and off.
The Argo CD Agent is now Generally Available with the release of Red Hat OpenShift GitOps 1.19. Organizations using Kubernetes and OpenShift have widely adopted the GitOps methodology to manage clusters and applications, with Argo CD being the leading open source GitOps solution on Kubernetes. However, organizations adopting Argo CD have faced challenges selecting an appropriate Argo CD deployment model. There's often a choice between prioritizing scalability across multiple clusters or to implement centralized GitOps management. The Argo CD Agent for OpenShift GitOps solves this challenge by
Instagram’s 17 million user data leak wasn’t a new breach - Hackread.com's in-depth analysis shows it was scraped in 2022, leaked in 2023, and falsely repackaged in 2026.
A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.
Authorities caught 34 members of the notorious Black Axe gang in Spain known for stealing millions of Euros through online romance scams and email fraud.