Five critical security vulnerabilities in Bloomberg's open-source Comdb2 database that could allow attackers to launch denial-of-service attacks through specially crafted network packets.
The vulnerabilities, affecting version 8.1 of the high-availability database system, have been successfully patched by Bloomberg following responsible disclosure practices.
Three severe null...
An advanced espionage campaign designated "Fire Ant" that has been targeting virtualization and networking infrastructure since early 2025.
The sophisticated threat actors demonstrated exceptional persistence and operational resilience, adapting in real-time to eradication efforts while maintaining prolonged access to compromised systems.
The campaign's techniques...
A sophisticated supply chain attack targeting Amazon's Q extension for Visual Studio Code successfully embedded malicious system prompts designed to wipe users' local files and AWS cloud resources, exposing critical vulnerabilities in AI development tool security.
The compromised version 1.84.0 briefly contained destructive commands...
The Contagious Interview campaign conducted by the Lazarus Group continues to expand its capabilities. We have observed an exponential evolution in the delivery mechanisms for the campaign's main payloads: BeaverTail, InvisibleFerret, and OtterCookie.
In this article, we will discuss the innovations related to the delivery...