A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Android Package (APK) malformation has emerged as a standard Android malware evasion tactic, with the technique identified in more than 3000 malicious samples across families including Teabot, TrickMo ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Open WebUI has been getting some great updates, and it's a lot better than ChatGPT's web interface at this point.

They can even replace classic Linux tools and let you play old PC games.

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...

OpenAI has launched a plugin marketplace for Codex with over 20 integrations from Slack, Figma, and Notion, adding enterprise governance controls.

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.