DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub

The exploit is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...

You are out of time to update: Severe iOS hack code leaks to everyone

The DarkSword exploit, which primarily targets devices running older iOS versions, has unfortunately made its way to GitHub.
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Securing the Code Factory: Why SDLC Infrastructure Has Become a Core Cloud Risk

For years, software security focused on the final product: the code that ships. Today, attackers are increasingly targeting ...
SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public ...

GhostClaw turns GitHub habits into a macOS malware pipeline

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...

ClawSecure Outranks Google on Product Hunt as Demand for OpenClaw Security Surges

ClawSecure reached #2 Product of the Day with 1,498 users scanning OpenClaw agents in 24 hours, outranking Google ...
Windows Report

Visual Studio Code Update Brings End-to-End Web Debugging and AI Control

Visual Studio Code 1.112 introduces in-editor web app debugging, Copilot Autopilot mode, and improved AI workflows for ...

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

Morphisec Unveils Adaptive AI Defense — Multi‑Layered Ransomware Protection for the AI Era

First‑of‑its‑kind Preemptive Cyber Defense Platform Provides Visibility into Shadow AI, Fortifies Endpoints, and Stops ...