Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Regulators around the world are scrutinizing Grok over sexual deepfakes

Grok’s apology is unlikely to be the end of the story after the AI tool was used to generate content that may constitute illegal child sexual abuse material.

Malwarebytes
Open in Source
#web#apple#google#microsoft#git#auth
⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were ignored. Attackers didn’t need novel tricks. They used what was already exposed and moved in without resistance. Scale amplified the damage. A single weak configuration rippled out to millions. A repeatable flaw worked again and

Celebrating reviews and recognitions for Malwarebytes in 2025

In 2025, Malwarebytes was repeatedly tested against real-world threats. Here’s what those tests found.

New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim

Meet OPCOPRO, an online scam that builds a fake AI-run world like The Truman Show using WhatsApp and apps to steal IDs via fake KYC and investments.

GHSA-pgqp-8h46-6x4j: MLFlow is vulnerable to DNS rebinding attacks due to a lack of Origin header validation

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An attacker can query, update, and delete experiments via the affected endpoints, leading to potential data exfiltration, destruction, or manipulation. The issue is resolved in version 3.5.0.

A week in security (January 5 – January 11)

A list of topics we covered in the week of January 5 to January 11 of 2026

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment

Enshittification is ruining everything online (Lock and Code S07E01)

This week on the Lock and Code podcast, we speak with Cory Doctor about enshittification and its dangerous impact online and off.

Manage clusters and applications at scale with Argo CD Agent on Red Hat OpenShift GitOps

The Argo CD Agent is now Generally Available with the release of Red Hat OpenShift GitOps 1.19. Organizations using Kubernetes and OpenShift have widely adopted the GitOps methodology to manage clusters and applications, with Argo CD being the leading open source GitOps solution on Kubernetes. However, organizations adopting Argo CD have faced challenges selecting an appropriate Argo CD deployment model. There's often a choice between prioritizing scalability across multiple clusters or to implement centralized GitOps management. The Argo CD Agent for OpenShift GitOps solves this challenge by

Instagram’s “17 Million User Data Leak” Was Just Scraped Records from 2022

Instagram’s 17 million user data leak wasn’t a new breach - Hackread.com's in-depth analysis shows it was scraped in 2022, leaked in 2023, and falsely repackaged in 2026.