CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Hack-for-hire group caught targeting Android devices and iCloud backups

Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal ...