Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.
The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant
OpenClaw (aka Moltbot and Clawdbot) is vulnerable to one-click remote code execution attacks.
The post Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant appeared first on SecurityWeek.
Hackers Leak 5.1 Million Panera Bread Records
ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chain’s systems.
The post Hackers Leak 5.1 Million Panera Bread Records appeared first on SecurityWeek.
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability
The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler.
The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability appeared first on SecurityWeek.
Kasada Raises $20 Million for Anti-Bot Expansion
The company will invest in market expansion and accelerating product capabilities.
The post Kasada Raises $20 Million for Anti-Bot Expansion appeared first on SecurityWeek.
ShinyHunters-Branded Extortion Activity Expands, Escalates
Hackers rely on evolved vishing and login harvesting to compromise SSO credentials for unauthorized MFA enrollment.
The post ShinyHunters-Branded Extortion Activity Expands, Escalates appeared first on SecurityWeek.
Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack
A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader.
The post Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack appeared first on SecurityWeek.
Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities
Poland’s CERT has published a report on the recent attack, providing new details on targeted ICS and attribution.
The post Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities appeared first on SecurityWeek.
Cyber Insights 2026: Malware and Cyberattacks in the Age of AI
Security leaders share how artificial intelligence is changing malware, ransomware, and identity-led intrusions, and how defenses must evolve.
The post Cyber Insights 2026: Malware and Cyberattacks in the Age of AI appeared first on SecurityWeek.
Over 1,400 MongoDB Databases Ransacked by Threat Actor
Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor.
The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek.
