Experts flag around 800,000 Telnet servers exposed to remote attacks

Hackers are hunting for vulnerable endpoints to deploy Python malware.
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

Nearly 800,000 Telnet servers exposed to remote attacks

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks ...

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...

MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

Python libraries used in top AI and ML tools hacked

The bugs have been fixed, so users should patch now, experts warn.

Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...