A serious security problem has been discovered in Cursor, the AI-powered code editor. Researchers revealed that malicious code can run on a developer’s computer the very moment a project folder is opened in Cursor, and the frightening part is that it happens without any warning or confirmation prompt. The flaw exists because Cursor ships with … Continued
A new wave of malware known as EvilAI is worrying security researchers because it uses artificial intelligence to stay hidden and look trustworthy. Instead of being obvious viruses, these threats are disguised as normal productivity or AI apps. At first glance, they seem safe, but once installed, they quietly deliver harmful code into a system. … Continued
A Ukrainian man accused of carrying out large-scale ransomware attacks has officially been added to Europe’s Most Wanted list. Authorities say he played a key role in cyberattacks that caused serious financial and operational damage to companies around the world. The fugitive has been identified as Volodymyr Viktorovych Tymoshchuk, a 28-year-old Ukrainian citizen. Law enforcement … Continued
Cybersecurity researchers have discovered that attackers are misusing ConnectWise ScreenConnect, a widely used remote access tool, to deliver AsyncRAT, a dangerous Remote Access Trojan. The malicious campaign is designed to steal sensitive data, login credentials, and even cryptocurrency from unsuspecting victims. The attack begins when a victim downloads or installs a tampered version of the … Continued
In July 2025, just before key trade talks between the United States and China in Sweden, a suspicious email began making rounds. The email looked like it was sent by Representative John Moolenaar, who chairs the House committee on U.S.–China competition. It asked recipients to review a draft of legislation, but the attachment was actually … Continued
TL;DR A critical improper-input-validation vulnerability (CVE-2025-54236, a.k.a. SessionReaper) in Adobe Commerce / Magento Open Source lets attackers take over customer sessions via the Commerce REST API — Adobe released an out-of-band patch on Sep 9, 2025 and urges immediate remediation. CVSS: 9.1 (Critical). Adobe Help Center What happened Adobe published an emergency security bulletin (APSB25-88) … Continued
A major security incident has hit the JavaScript ecosystem as more than 20 popular npm packages were compromised in a supply chain attack. These packages together are downloaded over 2 billion times every week, making the attack one of the most serious seen in recent years. Well-known libraries like chalk and debug were among the … Continued
What happened Plex, the media streaming and personal media server platform, confirmed today that an unauthorized third party accessed a limited subset of customer database information—including emails, usernames, and securely hashed passwords—through a security breach. The company stated that there is no evidence of credit card data being compromised, as they do not store such … Continued
A new security report has revealed that a dangerous flaw in Apple’s Messages app was used to spy on journalists. At the same time, businesses using SAP S/4HANA are being warned about a critical vulnerability that attackers are already exploiting. Both cases show how quickly hackers move and why updating software immediately is more important … Continued
OverviewOpenAI has made the organizational “Projects” feature in ChatGPT available to all users, including those on the free tier. In addition, a powerful new “Branch in new chat” toggle allows users to split ongoing conversations into focused threads—streamlining workflows and enhancing clarity.OpenAI Help Center What’s New? Projects for Free UsersPreviously exclusive to paid plans, ChatGPT … Continued
