SecurityWeek

Infostealer Malware Delivered in EmEditor Supply Chain Attack

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...
eWeek

This AI Tool Can Plan and Execute Penetration Tests on Its Own

An AI-powered penetration testing tool is automating offensive cybersecurity, accelerating vulnerability discovery and ...
The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...