Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Google posts Chromium browsers' proof-of-concept exploit code without a fix

Chrome, Edge, Brave, Opera, and other Chromium-based browsers could reportedly be exposed to abuse after Google accidentally ...
Le Lézard

Palabra.ai (Real-Time AI Voice Translator) Hits $1M ARR -- Grows 17x in Six Months

Palabra.ai, the real-time AI voice translator backed by Seven Seven Six, has crossed $1 million in annual run rate, growing ...
Internet of People

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

The malware spread through npm, PyPI, and Rust packages in coordinated waves. It steals crypto wallets, SSH keys, and cloud developer credentials. AI coding tools were also targeted through malicious ...
crypto2community

Socket Warns TrapDoor Malware Is Targeting Crypto Developers

CAUTION: The content presented on this platform is not intended as financial guidance, and we lack the authorization to offer investment advice. Any material found on this website should not be ...